1 Introduction
ForgeRock is a privately held information technology and services vendor headquartered in San Francisco, California, USA. The company was founded in 2010 in Norway by a group of former employees of Sun Microsystems after it was acquired by Oracle to prevent the phasing out of Sun’s identity products. With the focus on developing a unified platform, ForgeRock continued to work on an open source IAM stack based on Sun’s IAM projects, finally achieving the goal of shipping the complete ForgeRock Identity Platform by 2013.
Over the years, the company has grown into one of the leading identity and access management solution vendors with a strong global presence around the world with offices in the USA, UK, Germany, France and Norway, as well as in Singapore and Australia. ForgeRock is one of the very few players in the market that is able to offer a unified platform for managing all types of digital identities - people, devices, applications or smart things – as opposed to a “suite” composed of insufficiently integrated products resulting from multiple acquisitions. Among these, ForgeRock is the only one able to successfully commercialize the open source model, making the complete source code of major releases available for free and earning revenue from subscriptions, maintenance releases and updates, legal indemnification and training. The ForgeRock Trust Network, the company’s partner ecosystem, currently includes over 70 technology partners, system integrators and OEM partners around the world. Naturally, there is also a large developer community around the company’s open source projects.
With all the profound changes the Digital Transformation is bringing to the IT industry in general and Identity and Access Management services in particular, it’s becoming clear that traditional loosely coupled enterprise IAM infrastructures are no longer capable of keeping up with the latest challenges like supporting multiple identity types, securely interacting with the Internet of Things or addressing privacy and consent issues. ForgeRock’s answer to these challenges is their next-generation “Identity Relationship Management” platform, which extends the traditional IAM concepts to the Internet scale, enabling new communications channels with external partners, consumers and IoT devices, and integrating the concept of user-managed access directly into the platform, thus elevating customer trust beyond just compliance and data protection regulations.
Based on open standards and fully available under an open source license, the platform is designed to be modular and flexible, yet integrated and purpose-built. At the platform’s foundation are the ForgeRock Shared Platform Services, which provide a common programming interface, standardized GUI, APIs, scripting, logging and auditing and other important functions, upon which the key IAM solutions are implemented.
The platform comprises the following products: Access Management (OpenAM open source project) for identity federation, strong authentication and user self-service across multiple platforms, devices and channels; Identity Management (OpenIDM) for provisioning and managing digital identities; User-Managed Access (OpenUMA) implementing standards-based privacy and consent; Directory Services (OpenDJ) for consolidating identity data across multiple services and, last but not least, Identity Gateway (OpenIG), which extends centralized identity management and policy enforcement across applications, APIs, devices and smart things.