The aim of this course is to showcase the key features and capabilities of the versatile and powerful ForgeRock® Access Management (AM). It provides the student with the knowledge and confidence to manage their own environment. This course cannot demonstrate all the features and capabilities of AM; further information and guidance can be found in the documentation and knowledge base on Backstage: https://backstage.forgerock.com.
- This course revision is based on version 7 of AM.
Skills Gained
- Start with an unprotected website and end up with a fully functional access management solution where every user trying to access the website is redirected to AM for authentication
- Improve access management security in AM with multi-factor authentication (MFA), context-based risk analysis, and continuous risk checking
- Implement OAuth 2.0 (OAuth2) based protocols, namely OAuth2 and OpenID Connect 1.0 (OIDC), to enable low-level devices and mobile applications to make requests that access resources belonging to a subscriber. AM can be configured to function as an OIDC client and delegate authentication to social media OIDC providers
- Demonstrate federation across entities using SAML v2.0 (SAML2) with AM
- Install a new AM instance configured with external directory server data stores as the foundation for an AM cluster
Who Can Benefit
- ForgeRock Access Management Administrators
- System Integrators
- System Consultants
- System Architects
- System Developers
Prerequisites
- Completion of the ForgeRock® Access Management Essentials course, available at: https://www.forgerock.com/support/university/forgerock-university/forgerock-access-management-essentials
- Knowledge of UNIX/Linux commands
- An understanding of HTTP and web applications
- A basic understanding of how directory servers function
- A basic understanding of REST
- A basic knowledge of Java-based environments would be beneficial, but no programming experience is required
Course Outline
Chapter 1: Enhancing Intelligent Access
- Lesson 1: Exploring Authentication Mechanisms
- Lesson 2: Protecting a Website With IG
- Lesson 3: Controlling Access
Chapter 2: Improving Access Management Security
- Lesson 1: Increasing Authentication Security
- Lesson 2: Modifying a User’s Authentication Experience Based on Context
- Lesson 3: Checking Risk Continuously
Chapter 3: Extending Services Using OAuth2-Based Protocols
- Lesson 1: Integrating Applications With OAuth2
- Lesson 2: Integrating Applications With OIDC
- Lesson 3: Authenticating OAuth2 Clients and Using mTLS in OAuth2 for PoP
- Lesson 4: Transforming OAuth2 Tokens
- Lesson 5: (Optional) Implementing Social Authentication
Chapter 4: Federating Across Entities Using SAML2
- Lesson 1: Implementing SSO Using SAML2
- Lesson 2: Delegating Authentication Using SAML2
Chapter 5: Installing and Deploying AM
- Lesson 1: Installing and Upgrading AM
- Lesson 2: Hardening AM Security
- Lesson 3: Clustering AM
- Lesson 4: Deploying the Identity Platform to the Cloud