ForgeRock Access Management Product Overview

ForgeRock Access Management Product Overview (AM-100)

This seminar is FREE of charge and will provide students with a high-level overview of the core ForgeRock® Access Management (AM) functionality. The seminar includes a mix of slides and demos, and does not include labs.

For labs and hands-on experience, come to one of the Core Concepts classes:

  • AM-400: ForgeRock® Access Management Core Concepts
  • IDM-400: ForgeRock® Identity Management Core Concepts
  • DS-400: ForgeRock® Directory Services Core Concepts
  • IG-400: ForgeRock® Identity Gateway Core Concepts

Note that Revision A of this course is built on version 6.5 of AM.
 

Target Audiences

This seminar is aimed at IT professionals who are interested in the advantages and functionality of ForgeRock Access Management:

  • System Integrators

  • System Consultants

  • System Architects

  • System Administrators
     

Objectives

Upon completion of this course, you should be able to:

  • Describe ForgeRock Entertainment Company (FEC), including the use case, customer identity and access management (CIAM) solution, the FEC portal, FEC AuthN and AuthZ requirements, and FEC requirements for authentication, authorization, federation, registration, and synchronization
  • Explain REST, when to use it, and integration accelerators such as agents and IG
  • Define context-related authorization, including static context and dynamic context
  • Discuss classic OAuth 2.0, including a calendar printing app, how to share subscriptions with a mobile device, and proof of possession (POP), as well as OpenID Connect (OIDC)
  • Describe how SAML works, list SAML features, introduce the players in a SAML scenario, and compare related technologies
  • Explain tooling including auditing and monitoring, and online and in-person resources
     

Prerequisites

There are no prerequisites.
 

Duration

1/2 day
 

Course contents

Chapter 1: Introducing the FEC Use Case

Lesson 1: The FEC Use Case

  • Introduce the ForgeRock Entertainment Company (FEC) use case

  • Review the FEC customer identity and access management (CIAM) solution

  • Understand how the FEC portal works

  • Understand FEC authentication, authorization, and federation requirements
     

Chapter 2: Authentication (AuthN)

Lesson 1: Authentication Mechanism (Trees)

  • Introduce authentication

  • Understand security requirements and authentication features, including features from the ForgeRock Marketplace and custom features

  • Review authentication versus known identity

  • Explain flexible authentication and intelligent authentication

Lesson 2: Session Management

  • Understand the challenge of using a stateless protocol, such as HTTP

  • Learn about the advantages of server sessions and client sessions

Lesson 3: SSO

  • Understand why single sign-on (SSO) is used

  • Introduce domain cookies, including advantages, challenges, and solutions
     

Chapter 3: Integrating a resource to protect

Lesson 1: REST

  • Introduce the REST interface

Lesson 2: Integration Accelerators

  • Introduce agents

  • Understand the ForgeRock Identity Gateway (IG) flow

  • Review the features IG adds to your application

  • Introduce policy agents

  • Understand the difference between IG and policy agents

  • Review scenarios for protecting a service
     

Chapter 4: Context-related authorization (AuthZ)

Lesson 1: Classic Authorization

  • Introduce the main types of authorization: static and classic

Lesson 2: Extending Authorization

  • Review the different ways to extend authorization including using scripts and writing code
     

Chapter 5: OAuth 2.0 and OIDC

Lesson 1: OAuth 2.0

  • Introduce OAuth 2.0

  • Understand the OAuth 2.0 protocol flow

  • Review classic use cases

  • Understand OAuth 2.0 in the mobile world

  • Learn about proof of possession (PoP)

Lesson 2: OIDC

  • Introduce OIDC

  • Learn about OIDC versus OAuth 2.0

  • Review an OIDC token example

  • Discuss a typical use case

Lesson 3: UMA

  • Introduce UMA

  • Review typical use cases

  • Understand UMA architecture

  • Review a UMA federated authorization grant flow
     

Chapter 6: SAML

Lesson 1: How SAML Works

  • Learn how SAML works

  • Review SSO cookies versus SAML versus OIDC

  • Understand SAML features and players
     

Chapter 7: Tools

Lesson 1: Auditing

  • Introduce auditing, including the common audit framework

Lesson 2: Monitoring

  • Introduce monitoring

  • Review monitoring tools, including Prometheus and Grafana

  • Understand Prometheus and its architecture

  • Understand how to use Grafana to visualize data

Lesson 3: Additional Resources

  • Learn about other resources available to you, including online resources such as Backstage, Knowledge Base, Marketplace, and in-person resources such as conferences, Meetups, and ForgeRock University courses

Lesson 4: Trending

  • Introduce current trends including microservices, the cloud deployment model, and supported clouds

  • Review about ForgeRock DevOps and deployment technology

  • Learn about ForgeRock University courses

Available Courses
ForgeRock Access Management Product Overview (Self-Paced)
(AM-100-SP Rev A)
Americas - Online (EST)