User-Managed Access

Secure Delegated Authorization that Builds Privacy, Consent and Trusted Relationships

Privacy regulations, like GDPR, impact all organizations holding personally identifiable information. Void of compliance, organizations can suffer disastrous repercussions  in the form of  enormous fines and even imprisonment of executives. Further, lax privacy practices can cost an organization reputation and ultimately consumer trust. But new regulations don’t have to bring only doom and gloom. Savvy businesses can leverage these regulations as a way to build trust with their customers.

Organizations can opt for a contextual privacy methodology which takes the burden away from the business and puts it into the hands of the consumer – ultimately building trusted relationships necessary for successful digital transformation.

User-Managed Access, UMA, gives your customers and employees a convenient way to determine who and what gets access to personal data, for how long, and under what circumstances.  Users delegate access through a simple “Share” button in your app, and can monitor and manage sharing preferences all through a central console.

Do More With User-Managed Access
Product Brief

Learn how UMA can help you protect user privacy with a simple user experience

Customer Identity

The Guide to Trusted Digital Relationships with Customer Identity and Access Management (CIAM)

Overview

IoT and other new technologies require modern solutions like UMA for privacy and consent

No More Data About You, Without You

With UMA, sharing information is simple. While there are a few consent tools out there that go beyond the post-compliance opt-in and opt-out checkboxes, they are proprietary, thus limiting sharing capabilities to within the organization. Other privacy and consent tools lack options to empower consumers, such as granular access controls to determine who can do what with their data, the ability to revoke data access at will, and the security needed to prove who is accessing data.

 
Get Started Here

Get the technical resources and documentation to get started with ForgeRock User-Managed Access

Technical Resources
User-Managed Access (UMA) 2.0 Guide

Guide to configuring and using UMA features in ForgeRock Access Management.


Customizing UMA

Guide to Extending UMA Services with custom functionality to fit your deployment


Access Management Guide

Full Access Management documentation.

API Security: Awareness and Moderation are Key

A Buddhist approach towards addressing the uncertainty of API Security

2500 years ago, light was shed on the philosophy of moderation. It was the key to health and happiness as taught in Buddhism. Similarly, this approach also applies to our reckless world of technology. Take the API economy, for example. Organizations utilize and depend on APIs to create new revenue streams and monetize their core business.

Read More »

ForgeRock Identity Cloud: Early Access Program

We started a journey last December with the release of the ForgeRock Identity Platform 6.5, which helps customers transition millions of users from on-premises to cloud-hosted services in minutes. Today ForgeRock is excited to announce this next phase, an identity solution delivered natively in the cloud.

Read More »

API Security: Applying the Separation of Concerns Design Principle

You may have been wondering what a clever person like Edsger Dijkstra would have considered the best way to approach API security. You aren't the only one. Start by checking out our latest video on API security before we dive into what’s needed for API security and identity integration with business applications.

 

Read More »

True Personal Data Innovation? The Market is Ripe.

Happy Data Privacy Day!

People’s Personal Data Needs and Desires Are (Surprise!) Personal

I finally did it – moved from a tiny condo to a huge house. And now I have smart home use cases that I resisted mightily before, being what researcher Alan Westin called a “privacy fundamentalist”, a strong believer in privacy and personal data protection.

Read More »

Personal Woes of Two-Factor Authentication

Dust off that PC . . . and that authentication?

This past weekend, my buddies in Europe organized a night of online gaming. It had been over a year since I last played with them. Did I stop to worry about authentication? Heck no. I fired up my dusty PC and launched a leading distribution platform for PC gaming.

Read More »

ForgeRock DS and the LDAP Relax Rules Control
2 months ago
In ForgeRock Directory Services 6.5, we’ve added the support for the LDAP Relax Rules Control, both on the server and our clients. One of my colleagues, involved with the customers’ deployment, asked me why we’ve added the control and what it should be used for. The LDAP Relax Rules Control is an LDAP extension that allows a directory user agent […]
Ludo
Explaining index-entry-limit in ForgeRock Directory Services / OpenDJ
2 months 1 week ago
A few years ago, I’ve explained the various resource limits in OpenDJ, the open source LDAP and REST directory server. A few months ago, someone read the post and asked on twitter about the index-entry-limit: The index-entry-limit is probably the least understood parameter in the OpenDJ directory server, as was the AllIDThreshold in Sun Directory Server (and its siblings : […]
Ludo
Better index troubleshooting with ForgeRock DS / OpenDJ
2 months 2 weeks ago
Many years ago, I wrote about troubleshooting indexes and search performances, explaining the magic “debugSearchIndex” operational attribute, that allows an administrator to get from the server information about the processing of indexes for a specific search query. The returned value provides insights on the indexes that were used for a particular search, how they were used and how the resulting […]
Ludo
Kubernetes Process Namespace sharing and the JDK
2 months 2 weeks ago
Kubernetes 1.12 introduced process namespace sharing, which is the ability for containers in a pod to share the same process namespace.  One of the neat things that you can do with this feature is to split your containers up into slim runtime containers, and optional debug containers that have all the tools required for troubleshooting. For Java applications we want […]
Warren Strange
ForgeRock Directory Services 6.5 is Available
3 months ago
The ForgeRock Identity Platform was released and publicly announced early December this year (also here). As you may guess from the announcement, an important part of the new features has to do with DevOps, running in Docker, automated with Kubernetes. The underlying datastore for the ForgeRock Identity Platform is ForgeRock Directory Services, and the new 6.5 release comes with a […]
Ludo
Platform

An Identity Platform Built with the IoT, CIAM, and You in Mind

Digital Identity

Your Customers...

Millions of customers use your digital services--whether cloud, mobile, or IoT. Protect their digital identities and consolidate customer information, so it's easy to create and personalize the customer experience. 

IoT

Their Things...

Cars, drones, street lights, gas pumps, wearables, medical devices... they all have a digital identity. With ForgeRock, you establish who these devices belong to, and decide how and with whom (or what) they interact.

Privacy

Their Choice.

Protect and respect privacy. With ForgeRock, you can let your customers share data selectively. Ask them what’s okay to share, how, when, and with whom. Put them in charge, and they’ll put their trust in you.

Get Started with the ForgeRock Identity Platform

Manage billions of digital identities on new cloud, mobile, and IoT services, all with one unified platform. Try it out today. 

TRY NOW