ForgeRock IDM basic Features

ForgeRock Identity Governance

  • Perform a periodic view of access by users, managers or application or data owners.
  • Set policies on access, risk, and Segregation of Duties (SoD) violations so that reviewers can make informed decisions about whether access is valid or not.
  • Integrate with workflows within IDM so you can take immediate remediation actions.

Components of identity governance

Access request

  • Employees require additional access to resources to perform their job
  • Employees apply for membership in other company facilities.
  • Managers request additional roles to be applied to some or all their direct reports.

Access Review

  • Managers need to periodically sign off access for their direct reports:
      • All roles
      • Sensitive or high-risk roles
      • Provisioning roles in IDM that lead to role/group membership on remote systems
      • Roles, access, and entitlements on remote systems
  • Role owners need to periodically sign off:
      • All roles they are responsible for
      • Assignments that are given through the roles they maintain
  • Process owners need to sign off:
      • New toxic role combinations of users
      • The prolongation of accepted exceptions
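
The process-owner sign-off above can be pictured as a queue built from role assignments, an SoD policy, and the list of accepted exceptions. The following is an added example, not ForgeRock code or an IDM API; the role names, users, dates, and the `review_queue` function are constructed for illustration.

```python
from datetime import date
from itertools import combinations

# Constructed SoD policy: role pairs that must not be held by one user.
TOXIC_PAIRS = {
    frozenset({"payment-creator", "payment-approver"}),
    frozenset({"user-admin", "audit-log-admin"}),
}

# Constructed role assignments (user -> set of roles).
ASSIGNMENTS = {
    "alice": {"payment-creator", "payment-approver", "employee"},
    "bob": {"user-admin", "audit-log-admin"},
    "carol": {"payment-creator", "employee"},
}

# Constructed accepted exceptions: (user, toxic pair) -> expiry date.
EXCEPTIONS = {
    ("bob", frozenset({"user-admin", "audit-log-admin"})): date(2024, 6, 30),
}


def review_queue(assignments, toxic_pairs, exceptions, today):
    """Return (new_violations, expired_exceptions) awaiting sign-off."""
    new, expired = [], []
    for user in sorted(assignments):
        for pair in combinations(sorted(assignments[user]), 2):
            key = frozenset(pair)
            if key not in toxic_pairs:
                continue
            expiry = exceptions.get((user, key))
            if expiry is None:
                # Toxic combination nobody has accepted yet.
                new.append((user, pair))
            elif expiry < today:
                # Accepted earlier, but the exception must be prolonged or revoked.
                expired.append((user, pair, expiry))
    return new, expired


if __name__ == "__main__":
    new, expired = review_queue(ASSIGNMENTS, TOXIC_PAIRS, EXCEPTIONS, date(2024, 7, 15))
    for user, pair in new:
        print(f"NEW      {user}: {' + '.join(pair)}")
    for user, pair, expiry in expired:
        print(f"EXPIRED  {user}: {' + '.join(pair)} (accepted until {expiry})")
```
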

Identity Reporting

  • Run any queries against the repository to create reports and statistics for:
      • Certification campaigns
      • Users
      • Certification status
      • Access requests
  • Schedule reports
  • Automatically send reports to the relevant recipients.

Self-service features

  • IDM provides a simple, customizable web interface and REST API that lets users register, view, and change their personal information.
  • Password resets and changes to user profile information can be synchronized across all target user accounts for consistent data in all relevant systems.
  • The self-service feature uses multi-factor authentication to allow your employees to reset their passwords automatically.

  • Self-registration lets users create their own accounts on your system with customizable criteria.
  • Multiple user self-registration flows are supported if you need to set up different portals for customers and partners.
  • IDM leverages standards-based integration with social networks to register users seamlessly, based on the OAuth 2.0 and OpenID Connect 1.0 standards.

Data synchronization

How IDM synchronizes data

  • Set up a connection between the source and target resource.
    Connector configurations reference a specific connector type and indicate the connection details of the external resource. Connector configurations are defined in conf/provisioner-*.json files. One provisioner file must be defined for each external resource to which you are connecting.
  • Map source objects to target objects.
    Mappings are defined in your project’s conf/sync.json file or in individual mapping files. Mappings are synchronized in the order in which they are specified in the sync.json file. If there are multiple mapping files, the syncAfter property dictates the order in which they are processed.
  • Configure any scripts that are required to check the source and target objects, and to manipulate attributes.
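
A small pre-deployment check of the first two steps, as an added example that is not part of the original article or of IDM itself. It reports the order in which the mappings in sync.json will be processed and flags any mapping that points at an external resource with no provisioner file. The sample sync.json, the file listing, and the helper names are constructed, and the naming rule (a file `provisioner.openicf-<name>.json` backs resources under `system/<name>/`) is an assumption.

```python
import json
import re

# Constructed sample of conf/sync.json: two mappings, processed top to bottom.
SYNC_JSON = """
{
  "mappings": [
    {"name": "systemLdapAccounts_managedUser",
     "source": "system/ldap/account", "target": "managed/user",
     "properties": [{"source": "uid", "target": "userName"}]},
    {"name": "managedUser_systemHrAccounts",
     "source": "managed/user", "target": "system/hr/account",
     "properties": [{"source": "userName", "target": "login"}]}
  ]
}
"""
# Constructed listing of the conf/ directory: no provisioner file for "hr".
CONF_FILES = ["provisioner.openicf-ldap.json", "sync.json"]

# Assumption: provisioner.openicf-<name>.json backs resources under system/<name>/.
PROVISIONER = re.compile(r"provisioner\.openicf-(.+)\.json")


def external_system(resource):
    """Return the system name for 'system/<name>/<type>', else None."""
    parts = resource.split("/")
    return parts[1] if len(parts) >= 3 and parts[0] == "system" else None


def lint_mappings(sync_text, conf_files):
    """Return (processing_order, problems) for a sync.json document."""
    provisioned = {m.group(1) for f in conf_files if (m := PROVISIONER.fullmatch(f))}
    order, problems = [], []
    for mapping in json.loads(sync_text)["mappings"]:
        name = mapping["name"]
        if name in order:
            problems.append(f"{name}: duplicate mapping name")
        order.append(name)
        for side in ("source", "target"):
            system = external_system(mapping[side])
            if system is not None and system not in provisioned:
                problems.append(f"{name}: {side} {mapping[side]} has no provisioner file")
    return order, problems


if __name__ == "__main__":
    order, problems = lint_mappings(SYNC_JSON, CONF_FILES)
    print("processing order:", " -> ".join(order))
    for problem in problems:
        print("PROBLEM:", problem)
```
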

Role-based provisioning

Role Types:

Identity visualization

IDM Workflow

  • Self-registration
  • New user Onboarding
  • Account certification
  • Requests for entitlement, roles, or processes
  • Running approvals with escalations
  • Performing maintenance tasks

Flowable process engine

  • Complies with the Business Process Model and Notation 2.0 (BPMN 2.0) standard
  • Default workflows provided with IDM use the Vue JS framework for display in the end-user UI.
  • Use the standard Flowable form properties
  • Create a custom form template for more complex functionality.

How to invoke workflows

  • Situations discovered during reconciliation
  • Directly from the end-user UI
  • A script




REDCAP Digital solutions is an Information Technology provider which deals in Identity and Access Management, Blockchain development, Software Development.