PingOne for Workforce

The main use case for ForgeRock  is to work with IAM  for authentication and authorization trainings, using the environments during the training sessions and providing samples for ForgeRock  customers. I have trained both enterprise organizations and smaller companies. Enterprise organizations are checking if they really need to upgrade to the new version or release, while smaller companies are trying to determine if they need to start using ForgeRock.

ForgeRock is very easy to use, and the UI is very simple to navigate. The platform includes a lot of use cases that can be utilized during training. ForgeRock provides a complete solution for authentication and authorization, which is excellent. There is no need to buy additional products to complete the solution, as it can be used with many business cases to improve authentication and authorization for websites.

The installation process is very easy and fast to start using ForgeRock technology. After installation, you can immediately start using the solution to manage your websites.

Considering the impact on the organization and trainees, we received very positive feedback after the trainings. Trainees agreed to upgrade to the new version after using older releases, and they noticed they could connect with apps or different websites and create workflows to access and share the data they want. This feedback is very positive.

ForgeRock, being based on Linux, has very good documentation about the files generated by the application. However, if everything works fine, it is easy to use, but if there are errors, you need to know where the log files are and what to check. The documentation regarding integration capabilities is very comprehensive because ForgeRock is an agnostic solution. We can use a Linux image from ForgeRock with different systems, applications, websites, and mobile apps to create various types of access for users.

The main purpose of ForgeRock is security because you can create internal groups and users or connect with on-premises or cloud security tools like Active Directory. You can use both, and during trainings, we performed tests that showed its effectiveness.

ForgeRock, being based on Linux, has very good documentation about the files generated by the application. However, if everything works fine, it is easy to use, but if there are errors, you need to know where the log files are and what to check. A point for improvement would be to bring more of these errors to the UI for administrators to help them understand what happened and how to fix it.

I chose a rating of nine out of ten because of the problem regarding the logs. To identify and fix issues, users need to search through different log files. If ForgeRock could enhance this feature in the UI to aid users, I believe that would be perfect, and it would receive a ten.

I worked as an instructor for ForgeRock, and I am not using this technology in my current work, but I used it for three years. I started working with ForgeRock in 2019.

ForgeRock is very stable because it manages access, authentication, and authorization effectively. It supports connection with internal or external Active Directory and provides a stable experience.

ForgeRock has excellent scalability. You can start small with internal user management and increase the number of groups and users or switch to external user management easily, and apply load balancing for your systems as needed.

Before using ForgeRock, I had to use a homemade solution to execute all the features that ForgeRock provides, which was very difficult. I find ForgeRock very good because it provides everything needed to develop and check for security while connecting with different technologies.

The installation process is very easy and fast to start using ForgeRock technology. Installation is straightforward and quick, and after this, you can start using the solution to manage your websites.

Considering the impact on the organization and trainees, we received very positive feedback after the trainings. Trainees agreed to upgrade to the new version after using older releases, and they noticed they could connect with apps or different websites and create workflows to access and share the data they want.

ForgeRock's integration capabilities are very easy to use because it is an agnostic solution. We can use a Linux image from ForgeRock with different systems, applications, websites, and mobile apps to create various types of access for users.

Before using ForgeRock, I had to use a homemade solution to execute all the features that ForgeRock provides, which was very difficult. I find ForgeRock very good because it provides everything needed to develop and check for security while connecting with different technologies.

Others should check if they have a draft idea of how they want to use ForgeRock's authentication and authorization solution before starting. They can then use samples and documentation to understand how to implement the solution and plan for growth. They should also discuss possibilities with ForgeRock's sales and support areas. My overall rating for ForgeRock is nine out of ten.

My main use case for ForgeRock  is mostly access management related fine-grained access management for customer identities.

For fine-grained access management, I use ForgeRock  based on the customer base, whether they belong to a particular company or a particular third party. I consider what their use cases are and how they want to integrate or access the applications. Accordingly, I expose ForgeRock Access Management  integration either via OAuth 2 or SAML 2 integration, allowing them to access the application in a secure way.

My customers also want to include the multi-factor authentication component, using mobile verification or email verification. They want to store their profile details so that every time they log in, they won't be prompted for MFA. It will be remembered for at least the next 30 days, and they won't be prompted for any second factor, allowing them to log in seamlessly.

The best features ForgeRock offers depend on the use case or requirement of the customer. ForgeRock has a variety of access management and identity management tools, and they have new offerings as well, especially the Advanced Identity Cloud. Everything is in ForgeRock Cloud, and I don't need to manage my infrastructure at all. I will be configuring it to my company requirement and can access it. I can integrate ForgeRock Identity Management  and access management for employee lifecycle management, covering joiner, leaver, and mover related workflows. From a customer point of view, there are many other functionalities available depending on what kind of use case they are interested in and how they want to integrate, authenticate, or authorize the applications. I can use the tool in various ways, either through authentication tree-based workflows, WebAuthn, or many other options, integrating and using it according to my needs.

The cloud offerings through Advanced Identity Cloud mean I don't need to set up infrastructure and I don't need to worry about application requirements for infrastructure. It's seamless and available almost immediately. I just need to configure ForgeRock Identity Cloud, connect to my company name and standards, and it's ready to be usable. I just need to customize my flow for custom business workflows. For POC and for very basic testing purposes, it's straightforward. I just need to do fine-tuning so I can use it immediately to test the use cases or basic scenarios.

Since ForgeRock is an authentication tool, it gives more use cases and more revenue for companies. This is useful for everyone, creating a win-win situation for the customers and the implementers. It is very useful for revenue generation as well as day-to-day work for employees.

ForgeRock can be improved by integrating the latest AI-based models and latest trends in the identity industry with the existing product. That way, they can offer more features to customers and secure customer identities and access.

From a usability point of view, it's almost good. Support depends on different models, particularly a severity model. Accordingly, they will respond. It would be better if they were available for support whenever the customer needs it, especially during migration or go-live time periods. If they were available on standby during those times, that would be more useful.

I have been using ForgeRock for more than ten years.

Since I am implementing this for the third party and managing the infrastructure for the actual customers, I am managing the infrastructure and the product on top of it. Whenever a new work order comes in, I work on it and based on the work I do, I will be billed and paid. This results in revenue generation.

I would ask others looking into using ForgeRock to try the product and conduct a POC to see the look and feel of it, how it works, and how it can satisfy the main use case or the use cases for the organization. That way, you can determine whether it is for you. You can decide whether you want a traditional infrastructure-based model or the Advanced Identity Cloud.

I have a different offering, such as the reverse proxy related offering from ForgeRock Identity. There are new offerings in the current or existing latest model. They have already moved away from the old infrastructure model to the cloud-based model and are adding AI integration as well, providing a more secure and intuitive interactive way for customers to interact with the product and get the details they want.

In 2014, we had two use cases with ForgeRock . One was for consumers, with 60 million consumers of the TomTom navigation system. The other was approximately half a million use cases for B2B purposes for implementing ForgeRock  in cars, with the first batch of cars being Korean vehicles.

For the consumer use case, we launched a program called One TomTom ID where a single user ID could be used to log into the web, app, and navigation device with ForgeRock. Previously, there were three different user IDs because of how the company had grown with different platforms. This was a main use case for better customer experience and improved security. For the B2B use case, different car companies wanted to get traffic information into their dashboards, and the best way to authenticate was to embed custom code into their dashboard. Whenever the car started up, the car's VIN number would be authorized if it was on the list to receive traffic information from TomTom, and they would receive it.

When authenticating a car to determine whether it was authorized to receive traffic information with ForgeRock, it was not straightforward because anyone could drive a car, so it could not be user-based. Authentication had to be based on the car's navigation ID, the dashboard ID, and the VIN number, which are directly related to the car and apply to whoever is driving it. To accomplish this, we had to issue a token. Every time a car started up for the first time and connected with the back-end system, it was issued a token that would authorize it to receive traffic information, which was a very efficient and neutral solution.

When we started using ForgeRock, it was the only premium platform that could provide this kind of security for different platforms. Its platform was built in a way where it could be applied to consumer-based use cases, but also to B2B in different capacities with token and tokenized systems, giving all kinds of options for both consumer-based and B2B scenarios.

In the B2C space, ForgeRock gave our consumers a very strong and good customer experience. We were able to manage security for B2C devices, which totaled 60 million at one location. We always took feedback from customers through surveys after implementing ForgeRock, and they gave very positive feedback. The customers of TomTom were very loyal and had been using TomTom services for a very long time, even using their personal navigation devices. Because of a single user ID being used across platforms, we had a lower amount of abandoned baskets since previously, customers would be confused about which user ID and password to use, whether it was for the web, mobile app, or device. This created very good synergy and a better experience for our customers.

On a B2B level, it opened up the market for TomTom to sell its services in a more efficient way to car companies. In the past, it used to be very complicated to set up separate servers for traffic flow and different information. Now we did not have to do that. Although it is difficult for me to give a specific percentage, it opened up the market for TomTom, and I believe they made several millions from it.

ForgeRock can be improved by making it easier to understand the licensing and upgrade protocols. The licensing was very complicated, and it required considerable time to understand which components required what kind of licensing. The upgrade process was also complicated and required significant effort to upgrade the platforms, which created a resource constraint but was necessary.

Documentation and support from ForgeRock's support desk were available, but the upgrade process remained complicated and took considerable effort, which diverted resources away from main projects.

I have used ForgeRock since 2014.

ForgeRock is stable, and I have never experienced any problems.

We scaled up with ForgeRock. My team received an award for implementing it for a 60 million customer base, which was the largest implementation at that time. Also, for the B2B use case, it was very easy to deploy the solution for different car manufacturers. From that perspective, the ease of deployment and scalability is very good.

ForgeRock's customer support is very good. Generally, the team is very responsive and takes a sense of ownership and accountability.

I previously used a different solution before ForgeRock, which was custom-built and homegrown. It was stitched together across platforms; the web had a different solution, the mobile app was different, and the navigation device had different setups. All solutions were homegrown and home-brewed.

I inherited the project when we were evaluating ForgeRock as the final solution. I do not remember the other company because it was in 2015.

On the pricing side, it was reasonable. As a customer, one always prefers lower costs or pricing. On the setup and implementation side, since we were doing it for the first time and the impact would have been substantial, it took considerable time and money to implement. There was a setup cost at that moment. However, we knew that later versions would have been much easier, but we were early adopters.

We purchased the software through a company called Everett in the Netherlands. That company also provided implementation services, which we utilized effectively. That company was later acquired by PwC, and we continued to work with them until 2018 and 2019, whenever we needed assistance. In the initial couple of years, they were very involved in the implementation side and on-site support, which was very good.

The most significant benefit is from the security perspective. We were able to assure that there were no challenges with security. We never experienced any user ID, user password, or personal information being leaked because it was a very secure system that we implemented properly.

On a B2B level, it opened up the market for TomTom to sell its services in a more efficient way to car companies. In the past, it was very complicated to set up separate servers for traffic flow and different information. Now we did not have to do that. Although it is difficult for me to give a specific percentage, it opened up the market for TomTom, and I believe they made several millions from it.

My experience with pricing, setup cost, and licensing was somewhat complicated. One has to spend considerable time trying to understand the different modules and different needs for those modules on the licensing front.

The advice I would give to others looking into using ForgeRock is that ForgeRock as an IAM  platform is not the problem. The problem always lies with whether the customer is very clear on what they want to do and has made up their mind before acquiring the platform. Generally, the challenges occur on the implementation side when the customer is not ready to implement or does not have all the use cases figured out. That is why they get a very minimal return on investment. At our end, before we signed the deal, we were very strong on how we were going to implement, and we already had enough design documents in place to understand the different requirements. That is why implementing and executing was a key focus. Any future customer should know what they are going to do with the platform before acquisition; it is like learning to drive before buying a car. I gave this review a rating of eight.

My main use case for ForgeRock  is designing user journeys, specifically customer user journeys, and how they interact with the system.

A specific example of a user journey I designed using ForgeRock  is when we migrated from an older IAM  system, Okta, to ForgeRock. We designed a journey to log into one of the partner portals, where the password was still authenticated via Okta for the first-time migration users. We configured pass-through authentication, and once the user's login is completed, we mark it as a migrated user, synchronizing their password with ForgeRock Directory Server. In that journey, we implemented various configurations such as step-up control and orchestration, where based on the risk level populated via PingProtect service, either a step-up is required via email or via a one-time text message before granting access.

In addition to my main use case, we have multiple use cases, with over 30 journeys live for the different systems that the company uses, including various flows such as forgot password, reset password, and forgot username, which utilize utility journeys that are repetitive in nature.

The best features ForgeRock offers, in my experience, include their directory services, access management, and identity management, along with the Journeys feature that lets you orchestrate and design your user path in various easy ways. They are very configurable using JavaScript, which I find to be the most useful part.

The Journey feature has made my work easier and more effective because, unlike other tools, from the input we receive from the user, such as the username, we can decide whether to prompt them for a password, send a one-time password link, or a one-time passcode. Many actions can be performed at runtime based on the inputs received, which I find quite useful, and for anything that cannot be achieved out of the box, a simple JavaScript can be written to transform data or perform additions for passing to the next node. There are many out-of-the-box nodes available for integrating with other Ping components or calling out to other SaaS services.

The other features are pretty much the same as other components such as Oracle or Ping, but the Journeys in ForgeRock are something that I really appreciate, while the rest of the features are fairly standard across other IAM  components.

ForgeRock has positively impacted my organization by allowing us to migrate from the older system to the newer ForgeRock component, enabling us to go live with many products across geographies, enhancing security as it is all cloud-based, and with the company taking care of availability, it has reduced costs for the company.

In terms of specific outcomes, previously, single sign-on was not implemented, requiring users to remember their passwords across various systems. Now, those issues have been resolved, and users have appreciated this initiative. We centralized all systems from Okta and Microsoft on-premise AD to ForgeRock, which is quite beneficial, and there is also a self-service functionality available for tasks such as resetting passwords or retrieving usernames, leading to a significant reduction in customer service calls.

I wish the JavaScript part could be improved, as not everyone is proficient in JavaScript, so automating that or reducing the reliance on it could be beneficial. Additionally, having only one realm in the cloud version, the alpha realm, feels limiting, and I would prefer having more than one realm as we had in the on-premise version of ForgeRock.

I do not have any other improvements needed for ForgeRock that I have not mentioned.

I have been using ForgeRock for three years.

There seem to be no issues so far with ForgeRock in terms of stability.

Regarding scalability, since ForgeRock is in the cloud, it is pretty scalable.

The customer support is fine; we typically have to go through an online ticketing system on their website. I would rate the customer support eight out of ten.

I previously used Ping Identity before transitioning to ForgeRock.

I do not have the precise price point on the return on investment, but I have heard in management calls that we have reduced the number of employees needed, and money has definitely been saved.

Before choosing ForgeRock, my organization evaluated other options, including Okta, which was previously implemented.

My advice for others looking into using ForgeRock is that it is really good, particularly the Journeys functionality, which allows you to configure user journeys in a more efficient way. I do not have any additional thoughts about ForgeRock. I would rate this review seven out of ten.

My main use case for ForgeRock  includes user provisioning, deprovisioning, reconciliation, workflows, cross-federated SSO , integrating applications, third-party applications into ForgeRock , managing users and entities, and handling password resets, among other functionalities.

I onboard applications into IDM for user provisioning and SSO , managing user identities effectively. We also integrate and onboard those applications into ForgeRock Access Management , allowing users to log in to their applications, get their identities authenticated against ForgeRock, and access their applications seamlessly. This approach is especially pertinent as we focus on customer IAM , utilizing CIAM  profiles.

ForgeRock offers a very scalable solution, which is one of its best features. You can have a lot of functional components operating simultaneously, and it is very developer-friendly. The solution is highly scalable, allowing us to define our own managed objects. Additionally, ForgeRock provides excellent features for workflows, which we use for account claiming and linking, highlighting the solution's scalability and flexibility.

ForgeRock positively impacts our organization as we manage a large number of users with ease, providing a standard IAM  solution that simplifies our processes.

ForgeRock can improve by offering a unified development IDE for workflows, as we currently maintain BPMN, XML, JSON, and JavaScript separately. Presently, I use Flowable  UI to create a BPMN and onboard it to ForgeRock, which is not efficient. Additionally, the front-end development should be more user-friendly for IAM  developers, who may not be well-versed in Vue.js. ForgeRock needs to focus on low-code, no-code solutions that allow for drag-and-drop functionality with good orchestration. ForgeRock and Ping should consider providing free vouchers for certification and training to developers to boost market presence, as there is currently a significant gap between good ForgeRock developers and companies looking to implement ForgeRock solutions.

My advice for others considering ForgeRock is that it completely depends on your use cases. ForgeRock is a very potent product that can fit well into a variety of solutions. If you manage a large user base, particularly planning for RBAC and multiple applications, it is easily manageable with ForgeRock. The product's stability and cost-effectiveness are significant advantages.

Having worked with multiple tools such as CyberArk, Delinea, IBM IGI , IBM ISIM , and SailPoint, I find myself very inclined towards ForgeRock due to its capabilities, especially in CIAM , which stands for Customer Identity and Access Management . As an IAM developer and architect, I favor this tool over others due to its extensive functionalities.