ForgeRock Identity Management Core Concepts

Course Details
Code: IDM-400
Tuition (USD): $3,500.00 • Classroom (5 days)
$3,500.00 • Virtual (5 days)

Manage the lifecycle and relationship of digital identities within the context of a Customer Identity and Access Management solution (CIAM) using ForgeRock® Identity Management (IDM) and the integration with the ForgeRock™ Identity Platform.

  • Note that Revision B of this course is built on version 6.0.0 of ForgeRock Identity Management.

Skills Gained

Upon completion of this course, you should be able to:

  • Deploy and manage IDM as a project
  • Start, log, and perform basic troubleshooting in IDM
  • Configure the default user registration process
  • Configure other User Self-Service functions
  • Configure social Identity Providers
  • Integrate IDM with the ForgeRock Identity Platform
  • Theme the Self-Service User Interface
  • Run the IDM samples (optional)
  • Use the REST interface to access IDM
  • Connect to external resources using OpenICF
  • Connect to a JDBC database using the Scripted SQL Connector
  • Perform basic synchronization
  • Synchronize identity data between multiple external resources
  • Run selective synchronization and LiveSync
  • Configure role-based provisioning
  • Manage user preferences
  • Configure privacy and consent
  • Enable progressive profiling and add terms and conditions
  • Manage relationships between objects
  • Configure workflow

Who Can Benefit

The following are the target audiences for this course:

  • System Integrators
  • System Consultants
  • System Architects
  • System Administrators
  • Web Developers


The following are the prerequisites to successfully completing this course:

  • Completion of the ForgeRock Identity Management Product Overview course
  • Basic knowledge and skills using the Linux operating system to complete labs
  • Basic knowledge of JSON, JavaScript, REST, Java, Groovy, SQL, and LDAP helpful in understanding examples

Course Details

Chapter 1: Enabling Self-Service and User Registration

Lesson 1: Deploying and Managing IDM as a Project

  • Install and start IDM for the first time and explore the default UIs
  • Set up a new IDM project for development

Lesson 2: Starting, Logging, and Performing Basic Troubleshooting in IDM

  • Configure IDM to run as a background process
  • Examine the different log files in IDM

Lesson 3: Configuring the Default User Registration Process

  • Configure the outbound email service
  • Enable email-based self-registration

Lesson 4: Configuring Other User Self-Service

  • Enable email-based password reset and username retrieval
  • Expand the KBA options
  • Enable Google reCAPTCHA options to protect from spam and abuse (optional)

Chapter 2: Adding Social Registration and Authentication

Lesson 1: Configuring Social Identity Providers

  • Set up a social ID provider for Google
  • Set up a social ID provider for Facebook

Lesson 2: Integrating IDM with the ForgeRock Identity Platform

  • Prepare the ForgeRock Identity Platform components
  • Delegate all IDM authentication to AM

Lesson 3: Theming the Self-Service User Interface

  • Update the Self-Service UI theme (optional)
  • Add a custom field to the Self-Service UI registration page

Chapter 3: Creating a Global Customer View Through Synchronization and Reconciliation

Lesson 1: Running the IDM Samples (Optional)

  • Start IDM with a sample configuration and run the sample
  • Start IDM with the LDAP sample configuration and run the sample

Lesson 2: Using the REST Interface to Access IDM

  • Query and manipulate IDM objects using the API Explorer and cURL
  • Review the default IDM REST endpoints (optional)

Lesson 3: Connecting to External Resources Using OpenICF

  • Add a connector to an external LDAP resource

Lesson 4: Connecting to a JDBC Database using the Scripted SQL Connector

  • Use the Scripted SQL Connector sample to connect to a MySQL database
  • Extend the Scripted SQL Connector sample to your project

Lesson 5: Performing Basic Synchronization

  • Add a sync mapping from the IDM repository to the LDAP server
  • Add a sync mapping from the LDAP server to the IDM repository

Lesson 6: Synchronizing Identity Data between Multiple External Resources

  • Examine the links table within the IDM repository
  • Create a sync mapping to seed the repository with subscribers from MySQL

Lesson 7: Running Selective Synchronization and LiveSync

  • Run selective synchronization using filters
  • Identify methods of determining change events with LiveSync
  • Schedule LiveSync with the MySQL database

Lesson 8: Configuring Role-Based Provisioning

  • Provision attributes to one or more external resources based on static role assignments
  • Provision attributes to one or more external resources based on dynamic role assignments
  • Add temporal constraints to a role

Chapter 4: Managing Privacy and Consent Options

Lesson 1: Managing User Preferences

  • Configure synchronization filters with user preferences
  • Extend the User Preferences (optional)

Lesson 2: Configuring Privacy and Consent

  • Configure privacy and consent on a sync mapping
  • Configure privacy and consent during user registration

Lesson 3: Enabling Progressive Profiling and Adding Terms and Conditions

  • Enable and configure progressive profiling
  • Add terms and conditions to the registration process

Chapter 5: Managing Relationships Between Objects

Lesson 1: Managing Relationships

  • Describe the basic relationship model in IDM and why you might use relationships
  • Describe the existing relationship between managed users, roles, and assignments
  • Demonstrate in the lab the existing manager/report relationship within the managed user object
  • Examine the managed user, role, and assignment object relationship in IDM

Lesson 2: Modeling a New Relationship in IDM

  • Describe how to model a new relationship based on business requirements
  • Create a new relationship for a given relationship model in IDM
  • Create and test a given relationship between a managed user and device

Chapter 6: Configuring Workflow

Lesson 1: Deploying a Workflow

  • Describe various use cases for using workflow for asynchronous provisioning of users
  • Deploy and test a given workflow in IDM
  • Explore the different IDM interfaces affected by workflow

Lesson 2: Writing a Workflow

  • Describe the various business process components of BPMN
  • Walk through a BPMN diagram for the workflow
  • Use forms within a workflow to provide business logic