Identity Disorder Podcast, Episode 2

Identity Disorder, Episode 2: It’s a DevOps World, We Just Live In It


In the second episode of Identity Disorder, join Daniel and me as we chat with ForgeRock’s resident DevOps guru Warren Strange. Topics include why DevOps and elastic environments are a bit like herding cattle, how ForgeRock works in a DevOps world, more new features in the mid-year 2016 ForgeRock Identity Platform release, the Pokémon training center next to Daniel’s house, and if Canada might also consider withdrawing from its neighbors.

Episode Links:

Learn more about ForgeRock DevOps and cloud resources:

Videos of the new features in the mid-year 2016 ForgeRock Identity Platform release:

Information on the 2016 Sydney Identity Summit and Sydney Identity Unconference (August 9-10, 2016):

All upcoming ForgeRock events:


OpenIG 4.0 is now available

This blog post was first published @, included here with permission.

January’s release of the ForgeRock Identity Platform includes OpenIG 4. This release brings new API gateway features, better integration with OpenAM, extended support for standards, and increased performance.

OpenIG 4’s new audit framework now handles audit events in a common way across the whole ForgeRock platform. For example, OpenIG 4 can track interactions across OpenAM, OpenDJ, and OpenIDM. Audit logs can be centralized and transactions can be traced across the platform. Additionally, the audit framework supports logging to files, databases, and the UNIX system log.

Improved monitoring data for the servers, applications, and APIs provides a better view of how OpenIG 4 and its routes are used. Delivered through REST endpoints, data includes request and response statistics, such as the number of requests, time to respond, and throughput.

The new throttling feature limits access to applications and APIs, increasing security and fairness. Throttling can enforce flexible rate limits for a variety of use cases, such as to limit the number of requests per minute from clients at the same network address.

Several new features improve integration with OpenAM:

  • A new policy enforcement filter allows only authorized access to protected resources. You can now use OpenIG instead of an OpenAM agent for authorization, and centralize all your access control policies in OpenAM.
  • SSO and federation for applications has been extended by a token transformation filter to use with the OpenAM REST Security Token Service. By using the filter, a mobile app with an OpenID Connect token can now access resources held by a federated service provider.
  • A new password replay filter simplifies the configuration for replaying credentials in common use cases.

Support for standards has been extended:

  • OpenID Connect Discovery makes it possible for users themselves, instead of system administrators, to select identity providers.
  • Initial support is available for a User Managed Access resource server, where users can control who accesses their resources, when, and under what conditions.

Behind the scenes, OpenIG 4 internals have been refactored to improve scalability – because we are no longer blocking threads, a single deployment can handle more requests at the same time.

These are just some of the changes in OpenIG 4. Check the Release Notes for a full list of what’s new in this release, and download the software from ForgeRock’s BackStage.

We love your feedback. Please feel free to ask questions, make suggestions, and tell us what you think of OpenIG by joining the community and getting on the forum and mailing list.

New version of ForgeRock Identity Platform™

This week, we have announced the release of the new version of the ForgeRock Identity Platform, which brings new services in the following areas :

  • Continuous Security at Scale
  • Security for Internet of Things (IoT)
  • Enhanced Data Privacy Controls


This is also the first identity management solution to fully implement the User-Managed Access (UMA) standard, making it possible for organizations to address expanding privacy regulations and establish trusted digital relationships. See the article that Eve Maler, VP of Innovation at ForgeRock and Chief UMAnitarian posted to explain UMA and what it can do for you.

A more in depth description of the new features of the ForgeRock Identity Platform has also been posted.

The ForgeRock Identity Platform is available for download now at

In future posts, I will detail what is new in the Directory Services part, built on the OpenDJ project.

Filed under: Identity Tagged: access-management, Directory Services, ForgeRock, identity, Identity Relationship Management, opendj, platform, release, security, uma

Nouvelle version de la Plateforme Identité de ForgeRock

Cette semaine nous venons d’annoncer la nouvelle version de la Plateforme d’Identité de ForgeRock (ForgeRock Identity Platform™).


La Plateforme d’Identité de ForgeRock est maintenant capable d’évaluer dans son contexte et en continu, l’authenticité des utilisateurs, des appareils et des objets.

Cette nouvelle version est aussi la première solution qui offre le support de la norme “User Managed Access” (UMA) qui permet aux individus de partager, contrôler, autoriser et révoquer l’accès aux données de façon sélective, et donc offrent aux entreprises une solution ouverte et standardisée pour protéger et contrôler la confidentialité des données de leurs clients et employés. Ces besoins de confidentialité et de gestion du consentement deviennent importants dans le domaine de la santé, des objets connectés ou même dans le secteur des services financiers.

Pour mieux comprendre “UMA” et les services offerts par la Plateforme d’Identité de ForgeRock, je vous propose de regarder cette courte vidéo (en Anglais).

La plateforme ForgeRock Identity Platform est disponible en téléchargement dès à présent à l’adresse :

Les détails des nouveautés de cette version sont sur le site de ForgeRock.

Filed under: InFrench Tagged: ForgeRock, identité, identity, opensource, plateforme, platform, release, uma