00:00:20.040 --> 00:00:26.730
Alexandra Kenney: hey everyone we'll just give participants another minute to join and we'll get started here so we'll just give it another minute.
00:00:58.080 --> 00:00:59.820
Right giving him another little bit.
00:01:00.900 --> 00:01:02.910
More people to join and we'll get started.
00:01:16.980 --> 00:01:27.780
Alexandra Kenney: Okay, everyone hello, and welcome to today's webinar it's titled an introduction to Ford rock identity cloud, my name is Alexandra i'll be the emcee for the next hour, so thank you so much for joining the conversation today.
00:01:28.170 --> 00:01:34.380
Alexandra Kenney: Before we get started we'll cover some of the webinar functionalities so during the webinar everyone's microphones will be muted.
00:01:34.680 --> 00:01:41.550
Alexandra Kenney: But we want this to be an open discussion so if you have any questions at all, please enter them in the Q amp a box or chat window at the bottom of your screen.
00:01:42.090 --> 00:01:50.850
Alexandra Kenney: There will be a dedicated question and answer session after the presentation so today's webinar is also being recorded and a copy is going to be sent out to all registrants at the end of.
00:01:52.290 --> 00:02:00.570
Alexandra Kenney: today's speaker, we have Michael stapleton he's an exit certified instructor Michael started programming in the early 1980s and began training others in 1999.
00:02:01.050 --> 00:02:09.600
Alexandra Kenney: Today, has expertise in teaching a broad suite of technologies, including communities Miranda stalker aws for drug to do and enterprise Java development.
00:02:10.110 --> 00:02:17.970
Alexandra Kenney: Michael has been a trainer with us certified since 2004 so you might ask yourself why choose certified, for your for drop trading.
00:02:18.660 --> 00:02:21.360
Alexandra Kenney: So professionals like you have been training with us since 2001.
00:02:22.200 --> 00:02:27.330
Alexandra Kenney: You want to know that your training provider has the credibility to earn your organization's trust and exit certified delivers.
00:02:27.720 --> 00:02:38.400
Alexandra Kenney: We have vendor approved it, training, which is our only business when you train in our facilities you'll find well equipped equipped classrooms and friendly staff who are dedicated to making your learning experience comfortable and productive.
00:02:38.850 --> 00:02:47.250
Alexandra Kenney: And when you train remotely with our I mvp virtual platform you'll see that our investment in technology makes online learning every bit as engaging as the training that you take in person.
00:02:47.880 --> 00:02:59.190
Alexandra Kenney: So if you have any questions about why you should take a for job training course with exit certified or which courses right for you reach out to us and we'll get started with our presentation here today, so Michael I want to hand it off to you.
00:03:00.570 --> 00:03:05.370
Michael Stapleton: All right, well, thank you very much i'll agenda Alexandra welcome everybody.
00:03:05.640 --> 00:03:06.750
Michael Stapleton: My name is Mike stapleton.
00:03:06.990 --> 00:03:14.790
Michael Stapleton: i'm going to be your guide for this look at what the Ford truck I didn't have any cloud really is.
00:03:16.890 --> 00:03:23.520
Michael Stapleton: That you think is the first time I start teaching i've been doing it since 1999 and still have a hard time with PowerPoint Okay, this is me.
00:03:24.090 --> 00:03:34.620
Michael Stapleton: For drug identity cloud, but what we're going to do is to i'm going to start with the identity cloud i'm actually going to finish with it because I always find that if you really want to understand something.
00:03:35.040 --> 00:03:37.710
Michael Stapleton: You kind of need to look at the problems it solves.
00:03:38.340 --> 00:03:47.550
Michael Stapleton: And why we do that you're going to see that the identity cloud is actually made up of some other products that are put together as a hosted managed solution.
00:03:47.880 --> 00:03:56.130
Michael Stapleton: So i'm gonna work backwards from the problems and the components and the features that we end up with in the identity cloud, and I think that makes.
00:03:56.730 --> 00:04:02.610
Michael Stapleton: easier way better way to actually truly understand what's going on here so pieces and things we're going to talk about in here.
00:04:03.330 --> 00:04:13.500
Michael Stapleton: First off some major components, we have something called access manager it's kind of original idea was all about achieving single sign on.
00:04:13.800 --> 00:04:27.450
Michael Stapleton: We delegate authentication and authorization to this component, and so we have resources, we want to protect and am is our way of controlling who can do what within those resources so there's that part where you look at.
00:04:28.050 --> 00:04:37.470
Michael Stapleton: Now it requires some kind of enforcement mechanisms access manager itself is kind of makes the decisions about who can get in and how we authenticate people.
00:04:37.890 --> 00:04:46.470
Michael Stapleton: Identity gateway is a component as you'll see it's a fact it's a reverse proxy and we route our traffic through this reverse proxy.
00:04:47.010 --> 00:04:57.810
Michael Stapleton: In front of our resources so anything users mobile devices services that want to access our resources we actually route, the traffic through the identity gateway.
00:04:58.170 --> 00:05:09.840
Michael Stapleton: And it has the opportunity to do enforcement of our policies as configured access manager so it's really the security guard everything goes through there and it can say no you're blocked.
00:05:11.010 --> 00:05:21.810
Michael Stapleton: The next big thing from a large standpoint is identity manager right identity information we have information about.
00:05:23.070 --> 00:05:30.540
Michael Stapleton: We often say users, but really it's it's things and people are just a form of thing sounds bad when I say like that, but.
00:05:31.320 --> 00:05:42.690
Michael Stapleton: yeah you had like iot devices, you have human beings, we have information about things and people, and we did manage that information on behalf of applications that actually need to use that information.
00:05:43.290 --> 00:05:51.780
Michael Stapleton: An example right now would be access manager when access manager needs to authenticate someone who needs access to their credentials and identity information.
00:05:52.650 --> 00:06:02.220
Michael Stapleton: who manages that information not access manager it just uses it, so we have to manage the actual identity, information and that's mainly identity manager.
00:06:03.780 --> 00:06:06.930
Michael Stapleton: Now we're also going to talk about remote connection servers.
00:06:07.380 --> 00:06:17.400
Michael Stapleton: This is something has been around for a while, but is this really, really important when we get into the identity cloud, because what we're going to have with the identity cloud is a hosted manage.
00:06:17.790 --> 00:06:26.100
Michael Stapleton: Instances of these programs access manager identity manager everything we're going to talk about here it's going to be hosted managed by for drag on for drunk on the cloud.
00:06:26.670 --> 00:06:37.470
Michael Stapleton: So they need access to your systems internally how do we accomplish that for identity information we have these things, called remote connection servers.
00:06:37.860 --> 00:06:48.300
Michael Stapleton: Where the cloud through these remote connection servers can get access to the repositories where you have identity information, so it can help manage them so you'd be running these locally.
00:06:48.570 --> 00:06:55.500
Michael Stapleton: Either on Prem or maybe on another cloud, in the end their processes that we run in vm so they can run anywhere really.
00:06:56.310 --> 00:07:05.700
Michael Stapleton: anytime you're taking any cloud training and they say, and you can do this on Prem it's also another way of saying you could also do this on another cloud vendor just saying.
00:07:07.830 --> 00:07:19.920
Michael Stapleton: yeah the identity platform is basically all of these things integrated because these can be deployed as individual components, when we do integrate them together, though it brings in.
00:07:21.330 --> 00:07:28.740
Michael Stapleton: A change to them a bit one of the main things is journeys we're going to look at journeys journeys are kind of the magical super.
00:07:29.520 --> 00:07:40.470
Michael Stapleton: As an administrator trying to manage your, how do you manage identity information user self service, how do you authenticate people do you push through push notifications.
00:07:41.040 --> 00:07:54.990
Michael Stapleton: customizing all of that, historically, not so much fun, a lot of work, employment, a lot of work for a lot of time trying to figure it, but now we actually can manage all of that stuff with a drag and drop interface.
00:07:55.500 --> 00:08:10.440
Michael Stapleton: it's really sweet so we're going to take a look at that give you an example and then finally we'll end up yeah the identity cloud so you'll see it's all of these things put together, plus a little bit of extra stuff and i'll give you a little DEMO of what that looks like later on.
00:08:11.790 --> 00:08:18.000
Michael Stapleton: So start off with here yeah for drunk identity cloud is an identity and access management solutions.
00:08:18.480 --> 00:08:28.200
Michael Stapleton: Specifically, identity and so that's those two components identity, IBM identity manager and access manager right So those are major components are going to see here.
00:08:29.130 --> 00:08:38.430
Michael Stapleton: So access manager been around for a long time started way back when sun Microsystems so it's robust it's it's all the.
00:08:39.000 --> 00:08:46.530
Michael Stapleton: bugs have been worked out for most of the functionality if it's well groomed been around for a long time super configurable.
00:08:47.250 --> 00:08:57.990
Michael Stapleton: it's got a long history here now access manager itself yeah so that's its primary goal your login once and you can access anything behind it, so it does authentication.
00:08:58.380 --> 00:09:07.530
Michael Stapleton: And authorization right who are you and then, once we decide who you are you allowed it does also integrate with external system, so it supports federation saml.
00:09:08.880 --> 00:09:24.990
Michael Stapleton: author as well, so if you want to integrate with social identity providers right logins Google, Facebook those kinds of things no problem supports user managed authorization, if you are developing some kind of a service, where the users within your service need to be able to.
00:09:26.130 --> 00:09:35.910
Michael Stapleton: share information among themselves, so a user shares their information with another user and can share if you need that functionality, you must kind of an open standard way of doing that.
00:09:36.150 --> 00:09:44.310
Michael Stapleton: So before you try to write everything from scratch seriously look at using it, and access manager will help you way along that lines, because it supports it.
00:09:45.930 --> 00:09:50.730
Michael Stapleton: adaptive risk you'll see when we configure our authentic especially authentication.
00:09:51.390 --> 00:09:58.320
Michael Stapleton: How do you authenticate people and authorization, how do you authenticate them for different areas in your site, because you might.
00:09:58.590 --> 00:10:07.890
Michael Stapleton: decide that if they if they just need basic access to the site will just do a username and password but if they need to access their profile information or something along those lines.
00:10:08.430 --> 00:10:18.450
Michael Stapleton: Maybe then we're going to do some form of step up authentication yeah you're already logged in but we're now we're going to get you to log in a different way, this time we're going to ask you for push.
00:10:18.840 --> 00:10:28.230
Michael Stapleton: notifications, so you get a notification a mobile device, you know click on the button yeah that's you you're proving you control the device maybe a Retinal scan maybe blood from you know.
00:10:29.010 --> 00:10:32.550
Michael Stapleton: it's really, really, flexible and you can make your own custom.
00:10:33.120 --> 00:10:41.730
Michael Stapleton: Know customizable nodes and there's third party marketplace for notes and things so really, really, and then the intelligent part is you can craft it just exactly the way you want.
00:10:42.180 --> 00:10:56.130
Michael Stapleton: Based on the information someone connecting so if someone's connecting from some strange country that they normally don't well, you can you know do multifactor you can yeah really, really customizable rest API for everything.
00:10:57.450 --> 00:11:05.940
Michael Stapleton: yeah scripts that you can have custom scripts executed when people are doing authentication for sure yeah that's pretty cool the.
00:11:07.050 --> 00:11:17.790
Michael Stapleton: In Am I should say they have what are called trees, but then you'll see they get kind of renamed to journeys later on, they become journeys in the platform and currently we're calling journeys.
00:11:18.180 --> 00:11:20.760
Michael Stapleton: I really liked the name journey and call them trees, you know.
00:11:21.120 --> 00:11:31.260
Michael Stapleton: So originally the retreats and the ideas, you have a ui which i'll show you later on, and you drag and drop and connect nodes which represents some kind of functionality together, so this is just a simple.
00:11:31.740 --> 00:11:39.780
Michael Stapleton: example of someone needs to get authenticated and we're first going to check to see if they provided username and password is http headers.
00:11:40.140 --> 00:11:48.600
Michael Stapleton: If they did we're going to go and use our identity story to see you know, did they got the right username password if they do yay they're in.
00:11:49.470 --> 00:11:55.920
Michael Stapleton: If they didn't provide them as headers well then, you know we'll assume they have a web browser and we're going to send them back.
00:11:56.460 --> 00:12:03.750
Michael Stapleton: You know, actually doesn't have to be a web browser shouldn't say that because it could be a mobile device or something we're going to send what's called a call back.
00:12:04.410 --> 00:12:11.370
Michael Stapleton: Which is a json object saying hey give me your username give me your password and then we'll use that information to uh to authenticate them.
00:12:11.790 --> 00:12:21.240
Michael Stapleton: And again if they're in their end and, if not well we're just looking around here a real world, you would have more involved in here like maybe retreats and things and.
00:12:21.780 --> 00:12:23.550
Michael Stapleton: locking accounts they retried too much.
00:12:23.820 --> 00:12:32.070
Michael Stapleton: But yeah you can implement all those extra features as you want, if you need something done if someone logs in you just want to keep track of how many logins there is without credentials.
00:12:32.280 --> 00:12:39.630
Michael Stapleton: You could drop another node in the middle here as just a counter of some sort and then through metrics you can see the value of that counter over time.
00:12:40.800 --> 00:12:51.360
Michael Stapleton: it's not just its administrative requirements, you can also doing here business requirements there's a little more complex example using push authentication.
00:12:52.560 --> 00:12:58.890
Michael Stapleton: And you can combine these all together, so in this case we're going to get their username password and then we're going to send a.
00:12:59.400 --> 00:13:09.960
Michael Stapleton: notification to their device if their devices registered in this case well too bad and maybe in the real world, you would have another note in here that they could register their device.
00:13:11.100 --> 00:13:19.530
Michael Stapleton: If we did send the notification then we're going to wait and if it's successful assess again failure and basic not real world, you.
00:13:20.070 --> 00:13:29.670
Michael Stapleton: got to fit it on the screen, but you can customize in any way you want you're just grabbing nodes there's a whole bunch of nodes and connect them together to implement here functionality.
00:13:30.930 --> 00:13:41.790
Michael Stapleton: The identity gateway yeah, we need a policy enforcement point we've got to route traffic through something that can block that's his main main reason.
00:13:42.300 --> 00:13:54.810
Michael Stapleton: For in this discussion, but it is a reverse proxy and you can use it standalone for other purposes it's just one of its major features is a policy enforcement point, but it can do data wrangling.
00:13:55.590 --> 00:14:07.800
Michael Stapleton: munching of data same idea as traffic goes through it, it can change it, you can even have scripts executed that control how that data is changed it's really, really, really flexible.
00:14:08.670 --> 00:14:18.690
Michael Stapleton: It also is available in micro gateway basically a sidecar in Cooper nettie So if you have anything running, especially in creating these.
00:14:19.530 --> 00:14:27.960
Michael Stapleton: microservice architected applications and whatnot and you want to enforce authentication authorization in between your micro services now.
00:14:28.410 --> 00:14:42.570
Michael Stapleton: We have support for that also I don't mention it here, but we have support for iot devices and much more than mentioned during this lecture check out for drug COM.
00:14:44.220 --> 00:14:48.450
Michael Stapleton: So here's a bit of the architectural story then give you hear.
00:14:49.320 --> 00:15:01.350
Michael Stapleton: A little bit of drawing bring a paint here despite mean it, so the basic idea is that we have our users may be mobile devices, something that wants access to our resources that are over here right.
00:15:01.740 --> 00:15:08.700
Michael Stapleton: So, instead of having directly talk to those resources what we'll do is we'll route, the traffic through the identity gateway.
00:15:09.300 --> 00:15:13.710
Michael Stapleton: And the identity gateway is going to look to see if they have some form of credentials some token.
00:15:14.220 --> 00:15:24.480
Michael Stapleton: And if they don't pretty typical will have them redirected to aim to actually authenticate them and then through those trees later on journeys.
00:15:25.050 --> 00:15:36.810
Michael Stapleton: You can totally customized how they get authenticated once we've authenticated them and often based on identity information stored and all that right so maybe ad or some other elder there.
00:15:37.740 --> 00:15:45.750
Michael Stapleton: They get sent back, so let me just clean it up a bit and now they're coming back with the actual token now we know who they are right it knows who they are.
00:15:46.410 --> 00:15:52.950
Michael Stapleton: underneath it's a lot more complicated this, by the way, soon IDC underneath to get that token over there, but they end up with a token.
00:15:53.370 --> 00:16:04.290
Michael Stapleton: And then we can do authorization so now that it knows who they are, it can send in a request to am saying hey you know, are they allowed us it's asking for a policy decision.
00:16:04.830 --> 00:16:18.090
Michael Stapleton: And, based on the configuration of things, called policies can then return say yeah this user is allowed to do these things to that resource and totally customizable script double if you need a dynamic.
00:16:18.330 --> 00:16:28.650
Michael Stapleton: But it's going to come back with yeah, this is what they're allowed to do, and then the policy enforcement part of it, you can go oh yeah well access manager, the decision point says you're not alone.
00:16:29.610 --> 00:16:35.370
Michael Stapleton: And that you could have a redirect somewhere and other site where we need to do or yeah let him through I don't they get access.
00:16:36.240 --> 00:16:39.720
Michael Stapleton: And then the sso part comes in here is that now they've been authenticated.
00:16:40.050 --> 00:16:50.670
Michael Stapleton: If they need to access another site, while they can just go off and access it because they've already logged in as long as they're authorized no problem, so they log in once now then go off and access all these different Apps.
00:16:51.630 --> 00:17:11.550
Michael Stapleton: This guy can also add data, instead of the data it can add user identity information for those Apps so they know who they're talking about other things yeah that's the kind of major story for, and it does have a bit of user self service and because it could be used stand alone.
00:17:13.110 --> 00:17:16.710
Michael Stapleton: yeah there are companies that just use am all by itself.
00:17:18.090 --> 00:17:23.550
Michael Stapleton: It works, and if you need to automate things devops it's all rest API driven.
00:17:26.130 --> 00:17:28.650
Michael Stapleton: Alright let's keep going.
00:17:29.820 --> 00:17:30.990
Michael Stapleton: So am.
00:17:32.250 --> 00:17:44.730
Michael Stapleton: I density manager identity manager is concerned with the creation and management of really management of identity, information and synchronizing it to other locations.
00:17:45.900 --> 00:17:58.530
Michael Stapleton: The managing of information, it has a rest API has just administrative interfaces so that you can see, and manage identity information but also it has user self service interfaces kinda like am does.
00:17:59.070 --> 00:18:08.610
Michael Stapleton: But specifically for identity information, where users can see their own profile information they can update it as user self service they can recover their passwords all that.
00:18:09.090 --> 00:18:18.360
Michael Stapleton: Normal stuff that users need to do so that's the sense of creating and managing identity, information and then the other big part is the synchronizing of it.
00:18:19.290 --> 00:18:27.660
Michael Stapleton: IBM was originally designed so that we could leave our applications using their identity in their preferred identity store the way they want it.
00:18:27.900 --> 00:18:32.820
Michael Stapleton: Instead of trying to make all of your systems use one identity store where you can kind of have it all centralized.
00:18:33.510 --> 00:18:43.530
Michael Stapleton: It just leaving leaving using their default and then have a third party APP identity manager to synchronize that information in between those systems that's its main reason for being.
00:18:44.010 --> 00:18:50.280
Michael Stapleton: Because in a large enterprise environment trying to make everything except the same schema in the same location.
00:18:50.760 --> 00:19:00.930
Michael Stapleton: becomes really brittle and just non working if you're coming from a windows environment with ad and everything's just using it there, it might not seem like such a big problem, but from an enterprise, especially unix.
00:19:01.530 --> 00:19:09.330
Michael Stapleton: Linux background yeah trying to make every application access the one the scheme and all that problematic.
00:19:10.680 --> 00:19:20.160
Michael Stapleton: Other things identity manager does is the identity kind of lifecycle information so perfect example here is knowledge based questions you know when you.
00:19:21.150 --> 00:19:28.290
Michael Stapleton: register account somewhere in that they want to be able to have an alternative way to authenticate you, for example, if your password expires.
00:19:28.710 --> 00:19:35.940
Michael Stapleton: they're going to want to know hey what's your mother's maiden name what's your favorite color knowledge based questions issues with that is.
00:19:36.930 --> 00:19:39.960
Michael Stapleton: Well, what if things change what if you need or.
00:19:40.290 --> 00:19:47.160
Michael Stapleton: Maybe in the beginning, you set everything up and you're just asking one of the security questions so customers answer one security question with.
00:19:47.370 --> 00:19:51.270
Michael Stapleton: Summer what's your favorite color other ones what's your mother's maiden name that kind of thing.
00:19:51.600 --> 00:20:01.230
Michael Stapleton: And then later on policies change and you decide, no, no, no, no, when someone goes to recover their password, we have to ask for two or three or more right, not just the one question.
00:20:01.650 --> 00:20:12.030
Michael Stapleton: Well you've got a whole bunch of users who on boarded but only answered one question, you need to come make them come back and answer additional questions, otherwise the next time the password expires.
00:20:13.140 --> 00:20:14.670
Michael Stapleton: they're not going to recover the password.
00:20:15.480 --> 00:20:22.740
Michael Stapleton: And doesn't support that right, whereas IBM will, when you make changes to your requirements, IBM, the next time users come along.
00:20:22.980 --> 00:20:35.640
Michael Stapleton: It can prompt them Oh, you need to answer another question, and then they can select from the available questions updated now next time in the future if their password expires they've got all their questions, up to date and it'll work.
00:20:36.420 --> 00:20:48.180
Michael Stapleton: same thing with something called progressive profiling great you on boarded people you got the information you thought you needed but business requirements change and now they've decided we need everyone's telephone number.
00:20:48.780 --> 00:20:56.190
Michael Stapleton: So you have all these identities, no telephone number well with IBM next time people go to IBM or at some point, later on, is you control it.
00:20:56.700 --> 00:21:06.930
Michael Stapleton: You can have it to prompt them for the telephone information you don't have to write code or anything to do that really so this kind of idea of managing the lifecycle of your identity information, it helps with that.
00:21:08.130 --> 00:21:18.990
Michael Stapleton: The compliance part yeah dashboards for the users, so that users can see the information you have they can delete it, they can also do things like control, whether you share.
00:21:19.230 --> 00:21:26.580
Michael Stapleton: Their information with third party it's a marketing companies and whatnot they can they can actually control that through their ui if you support it.
00:21:27.120 --> 00:21:34.920
Michael Stapleton: So users can say yeah I don't, mind you, sharing my information with marketing, but in the future, they could go and they could say no, I don't want that anymore.
00:21:35.160 --> 00:21:46.020
Michael Stapleton: And underneath that actually controls were identity manager copies data to so when someone can sense their data might end up in some kind of a database or csv file that's used for that purpose.
00:21:46.350 --> 00:22:04.740
Michael Stapleton: And then, when they change their mind later on actually get removed out of it, so the users themselves are controlling the lists that you use for doing different functionality marketing email campaigns those kinds of things that the ui helps with compliance regulatory requirements and.
00:22:06.780 --> 00:22:14.100
Michael Stapleton: Again, a lot more name does, because this is what it does and also really highly customizable scripted event driven.
00:22:16.020 --> 00:22:16.500
Michael Stapleton: yeah.
00:22:17.520 --> 00:22:21.390
Michael Stapleton: Often, when you're learning these things, the fact that they're so.
00:22:23.310 --> 00:22:33.090
Michael Stapleton: customizable and they're a bit amorphous it gets it's hard to learn the beginning, because the idea with for drop products is you, they integrate into your stuff.
00:22:33.450 --> 00:22:46.530
Michael Stapleton: You don't change everything the work before drug for drug adapts to work with you, so it has to be really, really, flexible and configurable there's usually many different ways of accomplishing the same thing because different people need things a little differently.
00:22:47.610 --> 00:22:57.090
Michael Stapleton: hey here's the basic architectural story for IBM, and the idea here is, we have different identity stores.
00:22:58.890 --> 00:23:05.910
Michael Stapleton: So, like this, let me get my pen right this guy over here are these applications, they said they're all just kind of.
00:23:06.510 --> 00:23:12.690
Michael Stapleton: How whatever they're storing there I you had different places where you have identity, information and it doesn't need to be the same.
00:23:12.990 --> 00:23:19.470
Michael Stapleton: And the idea here generally is you configure what are called connectors connectors are plugins to get access to these external systems.
00:23:19.710 --> 00:23:30.450
Michael Stapleton: So that could be databases that could be files that could be ssh connections that could be rest APIs they could be anything you can make your own custom connectors and then that gives IBM access to these systems.
00:23:31.320 --> 00:23:43.560
Michael Stapleton: i'll just do these kind of lines in here and then through these connectors we can send data that could be multi directional it could be single directional but the these plugins give us access.
00:23:44.010 --> 00:23:54.360
Michael Stapleton: And when you configure mapping you get you control which identities when which attributes of which identities, you synchronize between all of the system.
00:23:54.720 --> 00:24:05.010
Michael Stapleton: So you can set it up, so that if your users created in one site, it can get synchronized into IBM and then maybe that information only goes out to to other places.
00:24:06.450 --> 00:24:15.150
Michael Stapleton: it'll it'll copy the data and what it does it, it might be just some information, maybe it leaves out credit card information, maybe it manages the data.
00:24:16.020 --> 00:24:22.230
Michael Stapleton: For example, you have some kind of a legacy system where the username needs to be an all uppercase cobalt anyone.
00:24:23.070 --> 00:24:31.080
Michael Stapleton: yeah IBM as a copies of the data, you can provide scripts that process that data, so you could have it converted as required.
00:24:31.410 --> 00:24:38.730
Michael Stapleton: So the idea is it keeps the data synchronized in between these different systems, how you want it, the way you want it.
00:24:39.720 --> 00:24:50.640
Michael Stapleton: and gives you a rest API if you want to manage it all in a single location, so now you've got a single rest API to access and manage all that information, even those distributed all over the place.
00:24:51.210 --> 00:25:05.790
Michael Stapleton: And against got it self service you eyes so customers can see their information maintain their information recover their passwords all that great stuff now it's not meant for single sign on right its identity management that's its whole.
00:25:07.680 --> 00:25:08.880
Michael Stapleton: superpower let's say.
00:25:11.190 --> 00:25:17.010
Michael Stapleton: So identity manager all about the managing and synchronization of that identity information.
00:25:19.290 --> 00:25:31.620
Michael Stapleton: All right, put these things together, and you get a bit of magic so the platforms, because what we typically need functionality of all of it right, so, for example, I was.
00:25:32.070 --> 00:25:38.730
Michael Stapleton: Just last week, I was trying to help someone or some functionality, they were trying to implement in IBM and.
00:25:39.390 --> 00:25:47.490
Michael Stapleton: Sometimes it's funny how sometimes a simple thing ends up being the difficult thing that look like it to be a simple thing to do, but really a pain and i'm like you know.
00:25:47.880 --> 00:26:05.010
Michael Stapleton: This would be so easy and journeys two minutes you'd have it done meanwhile they've been working on a week for integrating together because we generally need both functionality, so the platform, you can see, here we have the, let me just get my other this guy here.
00:26:06.090 --> 00:26:16.710
Michael Stapleton: We have not only IBM to we're just looking at their so it helps us manager, I did add information right synchronizing influencer, but we also have am.
00:26:17.310 --> 00:26:28.530
Michael Stapleton: And we got our ID because we're doing authentication authorization same same as before, maybe it would be better, so we go through, we get redirected we login.
00:26:29.040 --> 00:26:37.140
Michael Stapleton: We have self service, but this is managed in journeys way more flexible than the self service in IBM.
00:26:37.800 --> 00:26:52.050
Michael Stapleton: way more so yeah you can customize customize self service an IBM, but with journeys, I can do it by drag and drop and drop in my own custom nodes all kinds of things so yeah that just like yours that's awesome it's like yeah just love it.
00:26:52.740 --> 00:27:04.020
Michael Stapleton: Anyway, so that that's one of the magical powers of the Platform when you integrate it here self service is configured, just like the authentication through trees journeys.
00:27:04.920 --> 00:27:12.180
Michael Stapleton: And so we're logging in we're getting access to resources and we're creating and managing identity information.
00:27:12.840 --> 00:27:26.340
Michael Stapleton: Through IBM, because it is much better at doing that and again when we do our self service when it's integrated yeah these things are working together he's like as a as a single product really tight integration between them.
00:27:28.230 --> 00:27:31.200
Michael Stapleton: yeah a little bit of everything, everything that we need.
00:27:32.370 --> 00:27:34.500
All right, I think that's good.
00:27:37.350 --> 00:27:41.550
Michael Stapleton: So here's some example journeys social registration you.
00:27:43.020 --> 00:27:52.050
Michael Stapleton: know you want people to be able to login create an account with Facebook Google or whatever, so this is an example of configuring that.
00:27:52.440 --> 00:27:57.900
Michael Stapleton: So they have a single page that will come up, they have a node for that you want to group things on a single page and.
00:27:58.200 --> 00:28:06.780
Michael Stapleton: As their journey as their process their journey through getting access or changing your password or whatever you're trying to do with this journey.
00:28:07.530 --> 00:28:14.550
Michael Stapleton: In this case, registering through social media so we're going to get their username and password and let them select do you want to log in.
00:28:15.300 --> 00:28:26.580
Michael Stapleton: Or do you want to log in with right, so they can login with username password that's the bottom one down here, so let me, let me get laser pointer that's a little easier to see.
00:28:27.840 --> 00:28:38.940
Michael Stapleton: So you can see down here local we just got the username and password if we get the decision know this will check their identity store username password file that break and if it's good it's hard to see, but it goes.
00:28:39.960 --> 00:28:46.680
Michael Stapleton: And they're in while we keep track of their login count, so we have a note here that just keep track of that for us stores an attribute of the user.
00:28:47.130 --> 00:28:54.150
Michael Stapleton: And if they fail man, we don't give them too much of a choice, here again, you could make this more complex if it fails, you can retry and stuff.
00:28:54.690 --> 00:29:13.890
Michael Stapleton: If they choose to login with Google or Facebook, or whatever we support it, well then yeah we'll we'll once a little initiate and oh IDC grant and we will get a json web token with their identity information from the provider and then here's the magic coming in here, well, what if they.
00:29:15.120 --> 00:29:23.340
Michael Stapleton: Well, first off, are they new right if we've never seen them before, how do we know we've never seen them before.
00:29:24.810 --> 00:29:25.350
Michael Stapleton: well.
00:29:27.780 --> 00:29:40.440
Michael Stapleton: We compare the email addresses to default pretty standard thing so we'll get the email their email address from the identity provider and we'll compare it to the identities, we already have, and this is identifying an existing user.
00:29:41.280 --> 00:29:47.940
Michael Stapleton: So if we if the first time they're logging in with Google we check to see if they've logged in another way, maybe Facebook, maybe a local account.
00:29:48.600 --> 00:30:01.830
Michael Stapleton: If they have logged in with let's say Facebook Well, now we know they got a Facebook account they got a Google account we're going to want to merge these things together, so this is where we go oh yeah you're already logged in as john.
00:30:03.210 --> 00:30:10.530
Michael Stapleton: Some other way and we give them an opportunity, and so they logged into Google and now we go yeah we found another social account where they logged in.
00:30:11.550 --> 00:30:19.890
Michael Stapleton: They could log in with Facebook, the second time and if they manage to log into Facebook and they logged in with Google, we know those two accounts are linked.
00:30:20.160 --> 00:30:31.170
Michael Stapleton: So we'll link the accounts, so now, they can log in either way, but it still is the one identity in the identity store otherwise yeah we're basically gonna say.
00:30:32.640 --> 00:30:45.360
Michael Stapleton: No, but that's the basic idea, and you can make it more complex, this is from the documentation right grab this here's, just as I said when we get into the journeys it's not just authentication.
00:30:45.810 --> 00:30:51.270
Michael Stapleton: So as part of a tree progressive profiling mentioned this early with IBM.
00:30:51.990 --> 00:31:01.110
Michael Stapleton: Where you need extra information, later on, so in this example we're going to do is we're going to check to see how many times they've logged in because we were gathering that information.
00:31:01.680 --> 00:31:10.260
Michael Stapleton: And we're going to check to see if certain attributes aren't set so if there's certain information we need and they've logged in enough times, then we're going to ask for that information.
00:31:10.530 --> 00:31:16.050
Michael Stapleton: and update their account so maybe it's their telephone number, maybe you know, whatever it is, you need done.
00:31:16.410 --> 00:31:28.170
Michael Stapleton: Or maybe just as an example, you just need to have a record in a database when people locked in the 10th time or something you could actually just have a script that gets executed, instead of doing this and use this.
00:31:29.220 --> 00:31:39.060
Michael Stapleton: Just this login count add your script if they've already logged in 10 times your script executes does a rest API called some external system, if not.
00:31:40.740 --> 00:31:48.840
Michael Stapleton: yeah you need any business processes, whatever you need to do these journeys really make that easy to implement really, really super super dynamic.
00:31:50.550 --> 00:31:52.350
Michael Stapleton: Just simple example there's a lot more.
00:31:53.760 --> 00:32:00.420
Michael Stapleton: Something I haven't talked about high availability, maybe talk about that my drawings are simplified.
00:32:00.720 --> 00:32:13.350
Michael Stapleton: So all of your components, need to be fault, tolerant and scalable array of your identity management system, especially authentication authorization goes down the lights go out don't can log in.
00:32:13.920 --> 00:32:24.870
Michael Stapleton: data is and being synchronized is going to be bad, so the reality of one of those drawings was yeah you're going to have clusters of machines behind load balancers data stores.
00:32:25.140 --> 00:32:31.470
Michael Stapleton: are going to have to have replication, for example, and IBM stores its identity information in a repo.
00:32:31.770 --> 00:32:40.410
Michael Stapleton: which can be directory servers typically, though, is relational databases and you got a relational database you're gonna have to configure it for each day.
00:32:41.010 --> 00:32:50.730
Michael Stapleton: That goes down you're going to be in trouble am itself stores all of its information in directory server so you're going to have lots of directory servers.
00:32:51.240 --> 00:33:01.950
Michael Stapleton: They need to be for drop directory servers and you have to have a synchronization replication setup between them, so you don't have any single points of failure, so the real world, of course, is.
00:33:02.430 --> 00:33:13.170
Michael Stapleton: Pretty complex that could be running Cooper daddy's wears a devops samples that can all be containerized for drugs supplies your container docker.
00:33:13.830 --> 00:33:23.490
Michael Stapleton: images and or the docker files for creating your images and this is simplified examples, we have the different components here, am I DM their repository.
00:33:23.820 --> 00:33:32.430
Michael Stapleton: it's not showing ingress controllers and services and auto scale errors and all the other kind of Cooper 90s components that make this up.
00:33:33.030 --> 00:33:43.530
Michael Stapleton: But you can absolutely run the platform locally or on your own infrastructure, just now, you need to know Cooper nettie so you got to manage that, and which is cool I love Cooper daddy's.
00:33:44.910 --> 00:33:51.240
Michael Stapleton: If I don't need it, if I you know I like Cooper nettie but it doesn't mean I always want to run Cooper daddy's and.
00:33:52.500 --> 00:34:00.360
Michael Stapleton: In no in the real world, we just want the functionality of the services, I don't want to manage it that's the reality right.
00:34:01.350 --> 00:34:09.450
Michael Stapleton: i've done a lot of system administration over the years, because it's a requirement, but as a company you just want the functionality of it.
00:34:09.930 --> 00:34:24.270
Michael Stapleton: So managed services right managed services, the ideas outsourcing the bottom line you outsource the management of it, and then you use it, and so the identity cloud is that platform.
00:34:25.920 --> 00:34:30.780
Michael Stapleton: On the cloud built manage patched updated everything for drugs.
00:34:31.800 --> 00:34:41.190
Michael Stapleton: So it's hosted technically it's in Google Google cloud that's actually where it's really running is running Cooper daddy's but you don't see that you don't know we don't hate great.
00:34:41.850 --> 00:34:50.400
Michael Stapleton: To see you know you don't want to know, I just want it running right they build it they host it they patch it they upgrade it they back it up, they scale it.
00:34:51.420 --> 00:35:01.020
Michael Stapleton: You just use it that's really what you want to do and that's a big deal that's a lot of work, maintaining all of these components it's expertise, you have to have.
00:35:01.560 --> 00:35:18.450
Michael Stapleton: Even if you do have the experts time you have to have to do it and it's risk when you're doing yourself and especially when you know you're in a rush you're pulled in many different directions it's very easy to make mistakes and mistakes in these critical infrastructure is expensive.
00:35:20.010 --> 00:35:23.580
Michael Stapleton: yeah according to Forrester research organizations can you know numbers right but.
00:35:23.940 --> 00:35:32.790
Michael Stapleton: yeah development costs by 80% by using cloud mem solutions you don't you just use it right you don't have to worry about it Labor costs, you can redirect employees.
00:35:33.210 --> 00:35:41.520
Michael Stapleton: and work on the what differentiates you from everyone else and not building and managing the infrastructure as much as possible.
00:35:42.990 --> 00:35:49.560
Michael Stapleton: And yeah people are moving to the cloud, if you are expecting to totally move to the cloud.
00:35:51.810 --> 00:36:02.940
Michael Stapleton: Identity and access manager is gonna have to move to this one of those things, and yet we're talking about I am, this is not the same as I am and aws that's that's just within Amazon for their own.
00:36:03.930 --> 00:36:12.900
Michael Stapleton: api's not for your applications we're talking about identity access management, for your Apps and services that runs a Google cloud technically.
00:36:13.470 --> 00:36:23.490
Michael Stapleton: You have what's called a tenant you have access to your tenant it's made up of multiple environments because again Critical Infrastructure here you don't want to be making changes in production.
00:36:23.820 --> 00:36:30.870
Michael Stapleton: So you actually make changes, you have three environments, you have a development, environment, where you can make updates and try things and experiment with.
00:36:31.260 --> 00:36:38.220
Michael Stapleton: You know example identities and whatnot you then promote it to staging that's a whole nother.
00:36:38.790 --> 00:36:43.560
Michael Stapleton: Deployment you don't see it or anything you do this as a request for drug they manage it.
00:36:44.040 --> 00:36:51.900
Michael Stapleton: This QA right so, then you can go through your tests and everything with larger identity sets and hammer added a while and make sure, everything was good.
00:36:52.110 --> 00:36:58.950
Michael Stapleton: And if it's good, then you can have that promoted into production right, so they help you with the life cycle that's really, really critical.
00:37:00.240 --> 00:37:12.870
Michael Stapleton: Now it's running on the cloud, and then, but you have resources and identity information somewhere else, and on Prem other cloud vendors wherever.
00:37:13.470 --> 00:37:19.890
Michael Stapleton: almost got networking a the am has to has to is hanging out there, so.
00:37:20.280 --> 00:37:27.810
Michael Stapleton: You have to have identity gateway to if you want to do with authentication authorization right we route traffic through it, so you can be running identity gateway locally.
00:37:28.200 --> 00:37:41.430
Michael Stapleton: and identity gateway can be sending its requests for decisions to the identity cloud, so you configure you control everything the identity cloud, but your traffic stays in house and on Prem I just requests.
00:37:42.030 --> 00:37:49.980
Michael Stapleton: For the identity management part to extend and give it access to your identity information systems for a synchronization if you want to do that.
00:37:50.760 --> 00:38:03.090
Michael Stapleton: Then we run an agent locally and the identity cloud interfaces with the agent to synchronize data between your on Prem slash and other cloud providers.
00:38:04.680 --> 00:38:16.200
Michael Stapleton: So yeah this agent runs wherever you are and it maintains a web socket connection through the firewall that way you don't have to open up connections.
00:38:16.560 --> 00:38:27.480
Michael Stapleton: The identity cloud doesn't initiate a connection the agent initiates the connection and then keeps the socket open so that when it's time to synchronize their copy data needs to do something it has an open connection.
00:38:28.020 --> 00:38:35.370
Michael Stapleton: And can get access to the connectors that run in here and the connectors interface with your identity so yeah definitely.
00:38:36.420 --> 00:38:44.010
Michael Stapleton: So that's this is kind of it looks like now, you have the platform basically running on the on the cloud.
00:38:44.550 --> 00:38:53.760
Michael Stapleton: And you has some management interfaces are you have those different stages and everything, so you can go through your development staging for configuration.
00:38:54.480 --> 00:39:06.300
Michael Stapleton: It has a separate very customizable ui for your users, so another benefit of the identity cloud over the platform like this there's little extras here.
00:39:07.170 --> 00:39:18.330
Michael Stapleton: Not only is it a hosted solution, but it has a way easier nicer way for customizing your user interface right you're going to want the look and feel of your authentication and.
00:39:18.690 --> 00:39:32.160
Michael Stapleton: User desktops to match your company's user look and feel that's much more easy to to do on the cloud right it's well it's ui driven drag and drop and click a few buttons and experiment, a bit.
00:39:32.610 --> 00:39:42.150
Michael Stapleton: and make it look good so that that's important bonus there as well, so here we're showing we've got one so we're doing the whole thing we're doing identity management and.
00:39:42.720 --> 00:39:54.090
Michael Stapleton: authentication authorization so for single sign on we got identity gateway we route our traffic through identity gateway and we have the.
00:39:56.370 --> 00:40:03.570
Michael Stapleton: don't you make off the gateway agent agent that's what i'm looking for, let me go right.
00:40:05.430 --> 00:40:19.290
Michael Stapleton: We have that for identity so for identity purpose, you have your identities on the cloud you got a copy of it there, it gets synchronized through the agent and the agent can copy the data and synchronize it and keep it.
00:40:20.190 --> 00:40:32.940
Michael Stapleton: Well, however, you need it, not only that data can be synchronized again over here, so you could actually have it, so if you make a change on Prem that information could be updated on the cloud, for example, you know, like on aws.
00:40:34.770 --> 00:40:43.560
Michael Stapleton: And yeah again for authentication authorization you could route your users, through the identity gateway going to your applications.
00:40:45.360 --> 00:40:56.610
Michael Stapleton: And the identity gateway for policy decisions can talk to the cloud say hey i've got this user they want to do this are they allowed if they're allowed to get access to your services internally or not.
00:40:57.000 --> 00:41:12.000
Michael Stapleton: A centralized on the cloud authentication authorization wrangling of your identity information synchronizing it managing it all hosted and managed by Ford truck you just use it.
00:41:13.920 --> 00:41:14.250
Michael Stapleton: yeah.
00:41:15.510 --> 00:41:29.520
Michael Stapleton: I think personally it's pretty awesome so few clicks away let's just do a quick little DEMO and just the ui so i'm going to log into what's called my tenant.
00:41:30.360 --> 00:41:40.320
Michael Stapleton: i've invited myself, so I got a regular kind of email in here when you log into the tenant you should in the real world enable multi step.
00:41:41.760 --> 00:42:00.810
Michael Stapleton: Multi factor authentication two step authentication, but I just don't in the training environment to keep it simple quicker to login and I have to pull up my phone every time, and you know type in a code when you log in to the identity cloud, this is the identity cloud hanging out.
00:42:02.190 --> 00:42:08.640
Michael Stapleton: created by for drop they build it, they give you access to it and you log in you can.
00:42:10.290 --> 00:42:18.000
Michael Stapleton: Create there's the settings here, you can set up settings and I can add alternative minutes, so you control who the administrators are.
00:42:18.360 --> 00:42:31.350
Michael Stapleton: I had some initial accounts in here for training purposes and I added myself as well, I was just logging in it's a for administration purposes it's everything or nothing, these are administrators, they can manage identity and access management through here.
00:42:32.970 --> 00:42:34.560
Michael Stapleton: When you log in.
00:42:35.670 --> 00:42:40.170
Michael Stapleton: Once you've logged in for actual configuration, we have these things, called realms.
00:42:41.190 --> 00:42:48.630
Michael Stapleton: For now, the basic idea of a realm is they can be configured differently, and they can have different identities stores.
00:42:48.870 --> 00:43:02.250
Michael Stapleton: So, for example, you might have separate identity stores for employees and customers, so you can use one of these realms for customers and another one for employees, because you probably want to configure things separately and differently for them.
00:43:03.330 --> 00:43:06.900
Michael Stapleton: So when we work we usually have to tell it around, we want to do something and.
00:43:08.250 --> 00:43:14.010
Michael Stapleton: Now, in your realm the kind of major parts, we have here is a section for identities.
00:43:14.370 --> 00:43:24.090
Michael Stapleton: So I can see any identities, I have in the system, right now, these identities can come from on Prem through those connectors, and so we can synchronize.
00:43:24.630 --> 00:43:39.330
Michael Stapleton: From the cloud or on Prem wherever they are, we can bulk load them in here so, for example, I got a DEMO user I could search for in here, and I can see the user basic basic information see information about them and.
00:43:41.130 --> 00:43:47.880
Michael Stapleton: Connecting This is where those remote connection servers So if I want to get information from outside of the cloud.
00:43:48.120 --> 00:43:59.850
Michael Stapleton: bring it into identity cloud here then yeah I set up connectors and then I can configure synchronization through these connectors, as I mentioned, I can do a bulk import if I really wanted to.
00:44:00.810 --> 00:44:03.780
Michael Stapleton: So that's a bit of the identity management stuff.
00:44:04.140 --> 00:44:12.330
Michael Stapleton: Now this ui is growing, and they are adding more and more functionality to it, but it doesn't do everything and control everything you do.
00:44:12.570 --> 00:44:26.820
Michael Stapleton: So we do have access to the native consoles down here, so the identity manager, if you want to do something that isn't hasn't been ported into the new ui here yeah you can go over here and login to open IBM.
00:44:28.140 --> 00:44:36.060
Michael Stapleton: Well idea, nowadays, and you can go in and see your configuration of your connectors and mappings and how you synchronize your data.
00:44:36.990 --> 00:44:49.650
Michael Stapleton: Not everything if you can do something, so the major ui should do it they're not through here it's changing a bit slowly they're moving all the functionality of these native interfaces and moving it into the default one.
00:44:50.940 --> 00:45:10.650
Michael Stapleton: But there is still there, if you need to learn so it's not here it's down over there here's those journeys so as I mentioned the journeys for doing authentication for registration social registry updating passwords, so this is not just for authentication it's also for self service.
00:45:12.240 --> 00:45:26.490
Michael Stapleton: I want to register, I need to reset my password so here's a journey that does the resetting the password, as I said, this is all an interface that you can customize if you needed something added in here.
00:45:28.650 --> 00:45:39.360
Michael Stapleton: For example, you wanted to know how long it takes someone to login, on average, I could grab some nodes and I could actually add them in there, I could do things like.
00:45:39.960 --> 00:45:54.210
Michael Stapleton: This is actually starts a timer and then I could say, well, once it's done then just before I update it or maybe only after yeah now let's do it over here, I can drag this over here and i'm going to be timing.
00:45:55.290 --> 00:46:02.940
Michael Stapleton: I give a name to these timers and then I could see him through the metrics so we can integrate with Promethean and whatnot and you'd be able to see all of it.
00:46:04.170 --> 00:46:12.450
Michael Stapleton: So the flexibility of this is really awesome you make it do what you want to there's all kinds of.
00:46:13.470 --> 00:46:14.880
Michael Stapleton: nodes in here.
00:46:15.960 --> 00:46:19.500
Michael Stapleton: for doing all kinds of things utilities and.
00:46:21.060 --> 00:46:21.870
Michael Stapleton: metering.
00:46:25.680 --> 00:46:26.100
00:46:27.690 --> 00:46:39.420
Michael Stapleton: So journeys awesome just love journeys um Oh, the ui the hosted pages I mentioned in there, so if you want to theme things you can see, make custom themes and work with them.
00:46:40.860 --> 00:46:50.040
Michael Stapleton: So bootstrap themes, both for the user page what it looks like and what components, you see, so here's like a user's dashboard you control what's there.
00:46:51.240 --> 00:47:10.350
Michael Stapleton: So control the layout what they see if you don't want to do trusted devices or authorized applications, you could remove that from there you eyes so that's all there if I want to change the logos that are seeing if I want to change the shape of things styles.
00:47:12.750 --> 00:47:18.660
Michael Stapleton: let's go a navigation to change all of the style information in there.
00:47:21.150 --> 00:47:21.510
Michael Stapleton: yeah.
00:47:23.160 --> 00:47:27.060
Michael Stapleton: yeah it's just cool very, very flexible.
00:47:28.890 --> 00:47:32.580
Michael Stapleton: All right, what are we doing for time oh yeah.
00:47:33.270 --> 00:47:35.970
Alexandra Kenney: we've got about five more minutes until we can jump into question.
00:47:37.140 --> 00:47:37.500
Michael Stapleton: yeah.
00:47:38.850 --> 00:47:43.530
Michael Stapleton: I think i'm gonna leave it there and see if there's any question.
00:47:46.050 --> 00:47:52.920
Alexandra Kenney: You just want to go a couple of slides down, then I can close it up and open for questions yeah let's just do that yeah.
00:47:54.060 --> 00:47:58.260
Michael Stapleton: training and certification Oh, by the way, yeah supposed to I need need talk about this yeah.
00:47:59.970 --> 00:48:01.860
Michael Stapleton: yeah what else gaps are supported.
00:48:02.250 --> 00:48:05.430
Michael Stapleton: All current well done yeah standard elder for sure.
00:48:06.480 --> 00:48:07.860
Michael Stapleton: I don't know that.
00:48:11.340 --> 00:48:25.170
Michael Stapleton: let's go with training so yeah the examples here, you can see, you may have noticed was like Fr 300 in there, the effort 300 is a new course from Ford rockets, it is high level right so goes over.
00:48:26.550 --> 00:48:34.380
Michael Stapleton: yeah me and all the stuff that we've discussed here and gives you a hands on experience in a lab environment to try it all out it's a three day class.
00:48:35.010 --> 00:48:44.280
Michael Stapleton: But it doesn't go into everything it's meant to be high level, for example, it doesn't get into like and policies for authorization.
00:48:45.270 --> 00:48:55.260
Michael Stapleton: doesn't go into super detail it's just really get you get you in there and get you using it get to 80% of what you really, really need to do that's the far 300 class.
00:48:55.620 --> 00:49:15.000
Michael Stapleton: If you need more you want to go there's a new identity cloud deep dive classes, is the ic 400 400 level, and it goes much more into detail and customization, especially when it comes into authentication and authorization and.
00:49:16.200 --> 00:49:22.680
Michael Stapleton: More more more deeper better, faster it's a five day class and more labs more details.
00:49:24.240 --> 00:49:26.340
Michael Stapleton: you're going to be the expert well yeah.
00:49:27.600 --> 00:49:29.460
Michael Stapleton: As you saw there's a lot to this stuff so.
00:49:31.620 --> 00:49:40.410
Alexandra Kenney: All right, thank you so much, Michael just at the end here before we open it to questions, I just wanted to let you all know that we have an exclusive savings benefit for everyone.
00:49:40.770 --> 00:49:50.130
Alexandra Kenney: who attended this webinars so you can get 15% off your virtual and classroom training or 10% off your on demand training that includes subscriptions or self paced courses.
00:49:51.030 --> 00:50:06.090
Alexandra Kenney: So when you go to our website, you can see the URL right there you could go to learn 21 or just use the promo code learn 21 and as long as you register by November 30 you can take advantage of these savings so definitely encourage you to do so.
00:50:07.440 --> 00:50:16.560
Alexandra Kenney: Okay, so this was a great presentation we do have some questions that have come in michaels, so I will start going through those with you and we can jump into anything that.
00:50:16.560 --> 00:50:16.920
00:50:18.210 --> 00:50:18.450
Alexandra Kenney: i'm.
00:50:19.500 --> 00:50:20.640
Michael Stapleton: Sure i'm gonna beat you to it.
00:50:20.880 --> 00:50:25.560
Alexandra Kenney: Sure, no very good good so yeah just Gabriel is question how many.
00:50:25.980 --> 00:50:35.610
Michael Stapleton: How many rooms are available it's just too that's that's one of the issues so it's it's just two realms the alpha and the bravo realms.
00:50:37.080 --> 00:50:44.550
Michael Stapleton: As for held up, yet the current held up is supported ad supported through our APP as well and.
00:50:45.750 --> 00:51:07.140
Michael Stapleton: He so the docker files provided well the docker images provided in docker hub are not meant to be used in production, you are meant to build your own from the docker files they they supply that's really what they're kind of I guess what they mean by that.
00:51:08.670 --> 00:51:14.610
Michael Stapleton: yep from a support standpoint, they support the product they don't support the environment it's running in.
00:51:15.720 --> 00:51:17.760
Michael Stapleton: So that's that's where that's coming from.
00:51:19.590 --> 00:51:22.920
Michael Stapleton: The running it in a Cooper 90s environment.
00:51:24.570 --> 00:51:38.490
Michael Stapleton: They have actually teach the devops class for doing that, so the platform runs in communities, as I mentioned earlier, and they supply the tools and everything to build and manage it.
00:51:39.060 --> 00:51:46.530
Michael Stapleton: It is not for the faint of heart to be to be brutally fair and when you're it's it's not.
00:51:47.100 --> 00:52:07.800
Michael Stapleton: hey you just run a home chart and it's installed and off you go it's meant for you to help you deploy it to give you the building blocks to deploy it on Cuban 80s and to for you to customize it the way you really need it, it still is.
00:52:10.050 --> 00:52:25.620
Michael Stapleton: Now I know it's still needs your input and a lot of work, but we do have a long as that course a three day devops class that I teach a lot of that courses, most people need to learn Cooper 90s, and some of the tools we use.
00:52:27.390 --> 00:52:36.840
Michael Stapleton: So, like scaffold and customize and how those things are put together there's a get repository that for drunk has to help you do that.
00:52:39.960 --> 00:52:41.970
Michael Stapleton: yeah people do deploy on communities.
00:52:43.410 --> 00:52:43.800
00:52:44.820 --> 00:52:53.340
Michael Stapleton: But it's a whole lot easier if you use the identity cloud, then you don't have to worry about any of it, but then you lose a little bit of control so, for example, you're running communities.
00:52:53.700 --> 00:53:07.440
Michael Stapleton: It totally supports whatever you want to do everything's like support in the sense of you can do it, you can accomplish it whether what you're trying to do is exactly supported by for drug support that's that's a little different but.
00:53:08.610 --> 00:53:14.190
Michael Stapleton: Definitely, you can do what you want to do like custom nodes and things like that, whereas in the identity cloud for now.
00:53:14.220 --> 00:53:16.230
Michael Stapleton: The currently not supporting custom.
00:53:16.860 --> 00:53:22.260
Michael Stapleton: journey notes tree notes, but they have so many that that's less important than it used to be.
00:53:24.420 --> 00:53:38.730
Michael Stapleton: Can you integrate I am with the yes absolutely slumped down and like your audit logs it's totally customizable pluggable you can have your own scripts event driven yes, yes, you definitely can.
00:53:44.190 --> 00:53:45.960
Michael Stapleton: Think any other questions coming.
00:53:47.460 --> 00:53:51.720
Alexandra Kenney: there's a couple of the cat one of them is can users manage their own profiles.
00:53:51.900 --> 00:54:05.100
Michael Stapleton: yeah Yes, they can and that's the customized us, we can an identity cloud, we can manage the look and feel of it, and this is where they can see the identity information you have they can sign up for.
00:54:06.120 --> 00:54:22.980
Michael Stapleton: What we call preferences, which controls their data being synchronized into external systems and we want to get emails, as I mentioned that also sharing their data with third parties like marketing that can all be controlled in their dashboard they can delete their own accounts.
00:54:25.590 --> 00:54:30.660
Michael Stapleton: They can see and manage their own identity information is DS part of the identity platform.
00:54:31.770 --> 00:54:36.960
Michael Stapleton: So for drug directory server I assume that's what you're talking about elder APP server it.
00:54:38.820 --> 00:54:43.440
Michael Stapleton: Does well, it depends what the identity platform yeah definitely.
00:54:44.640 --> 00:54:45.420
Michael Stapleton: Because.
00:54:46.920 --> 00:55:03.750
Michael Stapleton: Am, which is part of the Platform, it needs to store all of its tokens identity tokens and things like that, if you're doing Uma then those things need to be in a for drop directory servers so mostly it's a part of it, it requires some for drug directory servers.
00:55:06.450 --> 00:55:08.460
Michael Stapleton: yeah they were they were there.
00:55:09.690 --> 00:55:15.630
Michael Stapleton: I might not have mentioned it, when I was in the slides, but here if I go back to am.
00:55:17.040 --> 00:55:17.910
Michael Stapleton: That right.
00:55:19.110 --> 00:55:24.270
Michael Stapleton: I didn't do it there, where did they do it, it was in the ha part I think I didn't mention it, but.
00:55:26.610 --> 00:55:34.050
Michael Stapleton: There was that I lost my slide but whether it is from current slide know from current slide.
00:55:36.480 --> 00:55:37.230
Well, you know.
00:55:38.850 --> 00:55:39.810
Where was the ha one.
00:55:41.700 --> 00:55:48.870
Michael Stapleton: yeah here, these guys here when I talked about the am these need to be for drug directory servers and that's what those are.
00:55:49.890 --> 00:55:52.200
Michael Stapleton: So of course token service a big store.
00:55:55.710 --> 00:56:00.000
Michael Stapleton: Extra info oh yeah there's a lot more than what we talked about here for sure.
00:56:01.290 --> 00:56:04.110
Rebecca Pfaff: Mike did you address the questions that were in chat.
00:56:05.550 --> 00:56:06.870
Michael Stapleton: yep that's what i've been looking at.
00:56:07.530 --> 00:56:10.650
Rebecca Pfaff: Okay, I went offline accidentally just want to double check Thank you.
00:56:11.460 --> 00:56:15.690
Michael Stapleton: Oh yeah, so I think, is there any other questions.
00:56:19.080 --> 00:56:29.970
Michael Stapleton: Well, come on training, and you can ask questions all day every day for well for as long as you want so yeah i'm going to give you guys my email address.
00:56:31.170 --> 00:56:35.280
Michael Stapleton: Some people are gonna think i'm crazy to do this, but i'm gonna give you my email address, and if you.
00:56:35.280 --> 00:56:48.090
Michael Stapleton: Do have any questions later on feel free to email me Michael de stapleton at tech data.com make sure I spelled it right.
00:56:49.560 --> 00:56:51.870
Michael Stapleton: If you guys have any questions or anything feel free.
00:56:53.970 --> 00:56:57.390
Alexandra Kenney: Thank you so much, like all this was a great presentation we really appreciate it.
00:56:59.790 --> 00:57:00.750
Alexandra Kenney: All right, Thank you everyone.
00:57:05.940 --> 00:57:06.510
Michael Stapleton: Thank you.