ForgeRock Access Management Core Concepts

ForgeRock Access Management Core Concepts (AM-400 Revision B)

This structured course comprises a mix of instructor-led lessons and demonstrations with plenty of lab exercises to ensure an opportunity to fully understand each of the topics covered. It provides students with a strong foundation for the design, installation, configuration, and administration of a ForgeRock Access Management (AM) solution. The objective of the course is to present the core concepts of access management, demonstrate the many features of AM, and provide hands-on experience that allows students to implement a full solution based on real-life use cases and including many ready to use features. 

Note: Revision B of this course is built on version 6.0 of ForgeRock AM.


This course is aimed at those responsible for overseeing various aspects of a successful deployment of ForgeRock AM. This includes, but is not limited to, those with the following responsibilities:

  • System Integrators
  • System Consultants
  • System Architects
  • System Developers
  • System Administrators

Upon completion of this course, you should be able to:

  • Implement default authentication with AM 
  • Configure web agents to control access
  • Enable user self-service self-registration basic flow
  • Configure intelligent authentication with trees
  • Configure an identity store
  • Retrieve user information with REST
  • Configure policies to control access
  • Extend entitlements using step-up authentication and transactional authorization
  • Configure AM as an OIDC provider and UMA authorization server
  • Demonstrate OAuth2, OIDC and UMA2 flows
  • Configure social authentication with Google
  • Customize AM themes for end user pages
  • Investigate the need to harden AM security
  • Install, upgrade and maintain an AM solution
  • Discuss AM clustering
  • Configure AM as a SAML2 entity

The following are the prerequisites to successfully completing this course:

  • Knowledge of Unix/Linux commands and text editing
  • An appreciation of HTTP and web applications
  • A basic appreciation of how directory servers function
  • A basic understanding of REST
  • A basic knowledge of Java based environments would be beneficial - programming experience is not required.

5 days

Chapter 1: Performing Basic Configuration
  • Lesson 1: Implementing Default Authentication
  • Lesson 2: Protecting a Website
  • Lesson 3: Empowering Users Through Self-Service
Chapter 2: Implementing Intelligent Authentication
  • Lesson 1: Extending Authentication Functionality
  • Lesson 2: Retrieving User Information
  • Lesson 3: Increasing Authentication Security
Chapter 3: Controlling Access Using Authorization
  • Lesson 1: Controlling Access
  • Lesson 2: Extending Entitlements
Chapter 4: Extending Services Using OAuth 2.0-Based protocols
  • Lesson 1: Integrating Low-Level Devices with OAuth 2.0 (OAuth2)
  • Lesson 2: Integrating Mobile Applications with OpenID Connect 1.0 (OIDC)
  • Lesson 3: Sharing Resources with UMA 2.0 (UMA2)
  • Lesson 4: Implementing Social Authentication
Chapter 5: Preparing for Production
  • Lesson 1: Customizing AM End User Pages
  • Lesson 2: Hardening AM Security
  • Lesson 3: Administering an AM Solution
  • Lesson 4: Installing and Upgrading AM
  • Lesson 5: Clustering AM
Chapter 6: Federating Across Entities Using SAML v.2 (SAML2)
  • Lesson 1: Implementing Single Sign-On Using SAML2
  • Lesson 2: Delegating Authentication Using SAML2
Available Courses
ForgeRock Access Management Core Concepts (BVP)
(AM-400-BVP Rev B)
ExitCertified - Americas Various
Dec 10, 2018 - Dec 15, 2018

ForgeRock Access Management Core Concepts (BVP)
(AM-400-BVP Rev B)
Tech Data UK - Europe Various
Dec 17, 2018 - Dec 21, 2018