User-Managed Access

Secure Delegated Authorization that Builds Privacy, Consent and Trusted Relationships

Privacy regulations, like GDPR, impact all organizations holding personally identifiable information. Void of compliance, organizations can suffer disastrous repercussions  in the form of  enormous fines and even imprisonment of executives. Further, lax privacy practices can cost an organization reputation and ultimately consumer trust. But new regulations don’t have to bring only doom and gloom. Savvy businesses can leverage these regulations as a way to build trust with their customers.

Organizations can opt for a contextual privacy methodology which takes the burden away from the business and puts it into the hands of the consumer – ultimately building trusted relationships necessary for successful digital transformation.

User-Managed Access, UMA, gives your customers and employees a convenient way to determine who and what gets access to personal data, for how long, and under what circumstances.  Users delegate access through a simple “Share” button in your app, and can monitor and manage sharing preferences all through a central console.

Do More With User-Managed Access
Product Brief

Learn how UMA can help you protect user privacy with a simple user experience

Customer Identity

The Guide to Trusted Digital Relationships with Customer Identity and Access Management (CIAM)

Overview

IoT and other new technologies require modern solutions like UMA for privacy and consent

No More Data About You, Without You

With UMA, sharing information is simple. While there are a few consent tools out there that go beyond the post-compliance opt-in and opt-out checkboxes, they are proprietary, thus limiting sharing capabilities to within the organization. Other privacy and consent tools lack options to empower consumers, such as granular access controls to determine who can do what with their data, the ability to revoke data access at will, and the security needed to prove who is accessing data.

 
Get Started Here

Get the technical resources and documentation to get started with ForgeRock User-Managed Access

Technical Resources
User-Managed Access (UMA) 2.0 Guide

Guide to configuring and using UMA features in ForgeRock Access Management.


Customizing UMA

Guide to Extending UMA Services with custom functionality to fit your deployment


Access Management Guide

Full Access Management documentation.

Retailers are Lagging Badly at Omnichannel Commerce

As we’ve previously explored, the future of retail will involve advanced online services and secure digital identity tools. But in the here-and-now, many retailers are struggling to bridge physical and digital commerce. At least, that’s the conclusion that comes courtesy of the Mobile Retail Report - Omnichannel Edition from Newstore.

Read More »

Thoughts on the Strava Heat Map and How to Secure the IoT

The topic du jour in the privacy and security space this week has been the recent news that a heat map published by the fitness tracking app provider Strava disclosed the location of secret military bases around the world. This Wired piece has all the unpleasant details. Having spent a stretch of my career working in the military cybersecurity community, I have a strong sense of how a disclosure of this nature will be concerning to many national security officials.

Read More »

Zero Trust – The Importance of an Identity-centered Security Program

This is the first follow-up to my blog post from December 11th, The CSO’s 4 Key Takeaways from Gartner IAM 2017. In this post I drill into my perspectives on why an effective security program must be identity-centered. Let’s start with a little bit of background on my perspectives about security so readers have a sense of where I’m coming from. One key thing that underpins my thinking is a belief that the zero trust model is the only real valid way to approach security for a modern enterprise.

Read More »

Digital Identity, the Key to Successful Financial Services

Financial services customers are demanding. They expect tech-savvy, efficient, and proactive products and services that fits conveniently into their digital lives, just like those created by Apple, Facebook, or Google.  To meet this high bar, financial institutions are undergoing digital transformations to differentiated, customer-centric services that are accessible from any device and tailored to individual preferences.

Read More »

Powering the Reference Bank Application for Open Banking

Open Banking is changing the way banks do business in the United Kingdom forever and as with any good regulation, there’s plenty of testing and requirements involved as well. Banks and fintechs haven’t just been left to their own devices when it comes to preparing to open up precious customer data to third parties.

Read More »

Implementing Delegated Administration with the ForgeRock 5.5 Platform
4 days 3 hours ago
Out of the box in 5.5, IDM (ForgeRock Identity Management) has two types of users – basic end-users and all-powerful administrators. You often need a class of users that fall between these extremes – users which can trigger a password reset action but cannot redefine connector configuration, for example. Another common need is for users to only be allowed to […]
Jake Feasel
Enhancing User Privacy with OpenID Connect Pairwise Identifiers
1 week 4 days ago
This is a quick post to describe how to set up Pairwise subject hashing, when issuing OpenID Connect id_tokens that require the users sub= claim to be pseudonymous.  The main use case for this approach, is to prevent clients or resource servers, from being able to track user activity and correlate the same subject’s activity across different applications. OpenID Connect […]
Simon Moffatt
8 years old !
2 weeks 5 days ago
Happy anniversary ForgeRock! It’s been 8 years since you first shout at the world What an amazing journey since then… And it’s only the beginning This blog post was first published @ ludopoitou.com, included here with permission.
Ludo
Enhancing OAuth2 introspection with a Policy Decision Point
1 month ago
OAuth2 protection of resource server content, is typically either done via a call to the authorization service (AS) and the ../introspect endpoint for stateful access_tokens, or, in deployments where stateless access_tokens are deployed, the resource server (RS) could perform “local” introspection, if they have access to the necessary AS signing material.  All good.  The RS would valid scope values, token […]
Simon Moffatt
How Information Security Can Drive Innovation
1 month ago
Information Security and Innovation: often at two different ends of an executive team’s business strategy. The non-CIO ‘C’ level folks want to discuss revenue generation, efficiency and growth. Three areas often immeasurably enhanced by having a strong and clear innovation management framework. The CIO’s objectives are often focused on technical delivery, compliance, uploading SLA’s and more recently on privacy enablement […]
Simon Moffatt
Platform

An Identity Platform Built with the IoT, CIAM, and You in Mind

Digital Identity

Your Customers...

Millions of customers use your digital services--whether cloud, mobile, or IoT. Protect their digital identities and consolidate customer information, so it's easy to create and personalize the customer experience. 

IoT

Their Things...

Cars, drones, street lights, gas pumps, wearables, medical devices... they all have a digital identity. With ForgeRock, you establish who these devices belong to, and decide how and with whom (or what) they interact.

Privacy

Their Choice.

Protect and respect privacy. With ForgeRock, you can let your customers share data selectively. Ask them what’s okay to share, how, when, and with whom. Put them in charge, and they’ll put their trust in you.

Get Started with the ForgeRock Identity Platform

Manage billions of digital identities on new cloud, mobile, and IoT services, all with one unified platform. Try it out today. 

TRY NOW