In 2014, we had two use cases with ForgeRock. One was for consumers, with 60 million consumers of the TomTom navigation system. The other was approximately half a million use cases for B2B purposes for implementing ForgeRock in cars, with the first batch of cars being Korean vehicles.

For the consumer use case, we launched a program called One TomTom ID where a single user ID could be used to log into the web, app, and navigation device with ForgeRock. Previously, there were three different user IDs because of how the company had grown with different platforms. This was a main use case for better customer experience and improved security. For the B2B use case, different car companies wanted to get traffic information into their dashboards, and the best way to authenticate was to embed custom code into their dashboard. Whenever the car started up, the car's VIN number would be authorized if it was on the list to receive traffic information from TomTom, and they would receive it.

When authenticating a car to determine whether it was authorized to receive traffic information with ForgeRock, it was not straightforward because anyone could drive a car, so it could not be user-based. Authentication had to be based on the car's navigation ID, the dashboard ID, and the VIN number, which are directly related to the car and apply to whoever is driving it. To accomplish this, we had to issue a token. Every time a car started up for the first time and connected with the back-end system, it was issued a token that would authorize it to receive traffic information, which was a very efficient and neutral solution.

When we started using ForgeRock, it was the only premium platform that could provide this kind of security for different platforms. Its platform was built in a way where it could be applied to consumer-based use cases, but also to B2B in different capacities with token and tokenized systems, giving all kinds of options for both consumer-based and B2B scenarios.

In the B2C space, ForgeRock gave our consumers a very strong and good customer experience. We were able to manage security for B2C devices, which totaled 60 million at one location. We always took feedback from customers through surveys after implementing ForgeRock, and they gave very positive feedback. The customers of TomTom were very loyal and had been using TomTom services for a very long time, even using their personal navigation devices. Because of a single user ID being used across platforms, we had a lower amount of abandoned baskets since previously, customers would be confused about which user ID and password to use, whether it was for the web, mobile app, or device. This created very good synergy and a better experience for our customers.

On a B2B level, it opened up the market for TomTom to sell its services in a more efficient way to car companies. In the past, it used to be very complicated to set up separate servers for traffic flow and different information. Now we did not have to do that. Although it is difficult for me to give a specific percentage, it opened up the market for TomTom, and I believe they made several millions from it.

ForgeRock can be improved by making it easier to understand the licensing and upgrade protocols. The licensing was very complicated, and it required considerable time to understand which components required what kind of licensing. The upgrade process was also complicated and required significant effort to upgrade the platforms, which created a resource constraint but was necessary.

Documentation and support from ForgeRock's support desk were available, but the upgrade process remained complicated and took considerable effort, which diverted resources away from main projects.

I have used ForgeRock since 2014.

ForgeRock is stable, and I have never experienced any problems.

We scaled up with ForgeRock. My team received an award for implementing it for a 60 million customer base, which was the largest implementation at that time. Also, for the B2B use case, it was very easy to deploy the solution for different car manufacturers. From that perspective, the ease of deployment and scalability is very good.

ForgeRock's customer support is very good. Generally, the team is very responsive and takes a sense of ownership and accountability.

I previously used a different solution before ForgeRock, which was custom-built and homegrown. It was stitched together across platforms; the web had a different solution, the mobile app was different, and the navigation device had different setups. All solutions were homegrown and home-brewed.

I inherited the project when we were evaluating ForgeRock as the final solution. I do not remember the other company because it was in 2015.

On the pricing side, it was reasonable. As a customer, one always prefers lower costs or pricing. On the setup and implementation side, since we were doing it for the first time and the impact would have been substantial, it took considerable time and money to implement. There was a setup cost at that moment. However, we knew that later versions would have been much easier, but we were early adopters.

We purchased the software through a company called Everett in the Netherlands. That company also provided implementation services, which we utilized effectively. That company was later acquired by PwC, and we continued to work with them until 2018 and 2019, whenever we needed assistance. In the initial couple of years, they were very involved in the implementation side and on-site support, which was very good.

The most significant benefit is from the security perspective. We were able to assure that there were no challenges with security. We never experienced any user ID, user password, or personal information being leaked because it was a very secure system that we implemented properly.

On a B2B level, it opened up the market for TomTom to sell its services in a more efficient way to car companies. In the past, it was very complicated to set up separate servers for traffic flow and different information. Now we did not have to do that. Although it is difficult for me to give a specific percentage, it opened up the market for TomTom, and I believe they made several millions from it.

My experience with pricing, setup cost, and licensing was somewhat complicated. One has to spend considerable time trying to understand the different modules and different needs for those modules on the licensing front.

The advice I would give to others looking into using ForgeRock is that ForgeRock as an IAM platform is not the problem. The problem always lies with whether the customer is very clear on what they want to do and has made up their mind before acquiring the platform. Generally, the challenges occur on the implementation side when the customer is not ready to implement or does not have all the use cases figured out. That is why they get a very minimal return on investment. At our end, before we signed the deal, we were very strong on how we were going to implement, and we already had enough design documents in place to understand the different requirements. That is why implementing and executing was a key focus. Any future customer should know what they are going to do with the platform before acquisition; it is like learning to drive before buying a car. I gave this review a rating of eight.

At Bank of America, our main use case for ForgeRock is to manage secure user authentication and authorization for our enterprise platform. For example, we use ForgeRock to implement OAuth 2.0 authentication flows and ensure that only authorized users can access sensitive onboarding workflows and data. A specific scenario would be when a new user is onboarded. ForgeRock handles the authentication process, enforces multi-factor authentication, and manages user roles and permissions to control access to different stages of the onboarding lifecycle, such as draft, submission, approval, and finalization. This integration helps us maintain regulatory compliance as well as auditability and security with multiple user roles, while also streamlining user experience and reducing the risk of unauthorized access.

Integrating ForgeRock with our onboarding workflows has been a valuable learning experience because there are both smooth and challenging aspects. The smoothest part is ForgeRock's standards-based support for Auth and SAML, which makes it straightforward to set up secure authentication and single sign-on for our onboarding module. ForgeRock's comprehensive documentation and RESTful APIs also help accelerate the integration. One challenge is mapping our complex multi-stage onboarding workflows, where users transition between draft, submission, and approval stages to ForgeRock's role-based access controls and policy configurations. We had to carefully design custom policies and attribute mappings to ensure that only the right users could perform specific actions at each stage, which required close collaboration between our development and security teams. Another tricky aspect is handling legacy user data and ensuring seamless migration to ForgeRock without disrupting existing user access or compliance requirements. Overall, the integration is successful, and the flexibility of ForgeRock's platform allows us to tailor the solution to our specific needs.

One thing that stands out about our main use case and the integration process is how ForgeRock's centralized policy management makes it much easier to enforce consistent security and compliance rules across all stages of the onboarding process. We are able to implement fine-grained access control, so permissions can dynamically adjust based on user roles and the current status of the onboarding request. ForgeRock's auditing and versioning features are particularly valuable for our compliance needs, allowing us to track every access and every modification event. Additionally, the flexibility to integrate with our existing tech stack including Java, Spring Boot, and Apache Kafka helps us avoid major architectural changes and keeps the project timeline on track. ForgeRock's extensibility and strong support for enterprise standards are key factors in the success of our implementation.

Initially, the primary improvement was security. By implementing standards-based authentication and access controls, we reduced unauthorized access incidents and strengthened our overall security posture. Next would be compliance. Centralized policy management and comprehensive auditing features made it much easier to meet regulatory requirements and pass company compliance audits. Efficiency was another major improvement. Automating user provisioning and access management streamlined onboarding processes, cutting manual administrative work and reducing onboarding cycle time. User experience also improved. The self-service features like password resets and account recovery improved user satisfaction. Another important positive impact was operational stability. The integration with our backend systems and the ability to manage policy centrally led us to fewer configuration errors. ForgeRock enabled us to deliver a more secure and compliant onboarding experience while also improving efficiency.

After implementing ForgeRock, we saw a reduction in onboarding cycle time by roughly twenty-five percent as automated workflows and centralized access management eliminated many manual steps. Security incidents related to unauthorized access or misconfigured permissions dropped by forty percent, and audit preparation time decreased by approximately thirty percent because of ForgeRock's comprehensive logging and reporting features. We also noticed a twenty percent reduction in user support tickets, especially regarding password resets and account recovery due to the self-serving capabilities. While these are rough estimates, they reflect the tangible improvements we experienced in efficiency, security, and user satisfaction.

The most valuable features ForgeRock offers are its support for standards-based authentication and authorization protocols including OAuth 2.0 and SAML, which make it a secure integration. The fine-grained role-based access control has been essential for managing complex user permissions across different onboarding workflow stages. Centralized policy and configuration management allows us to enforce consistent security and compliance. The platform's extensibility, along with RESTful APIs, makes it easier for us to integrate with our existing Spring Boot backend and other enterprise systems. Multi-factor authentication support and risk-based authentication have added significant value by enhancing security without compromising user experience.

Centralized management makes the biggest difference because it allows us to define, update, and enforce security and compliance rules from a single location, which is crucial given the complexity of our onboarding workflows and the need for strict compliance. This feature reduces manual configuration errors, improves consistency across different modules, and makes it much easier to audit and demonstrate compliance to internal and external stakeholders. It also streamlines collaboration between development, security, and compliance teams since everyone can work from a unified set of policies. Overall, policy management not only improves our security but also accelerates our development.

I wish we had used ForgeRock's adaptive risk-based authentication, which allows dynamic adjustment of authentication requirements based on user behavior. This could have helped us further strengthen our security. Another hidden gem is the built-in support for custom authentication modules and scripting, which gives a great deal of flexibility to tailor authentication flows. The self-service capabilities for password resets and account recovery have been very helpful in reducing support overhead and improving user experience. Discovering and utilizing these features would have definitely made our integration even smoother and would have provided additional value for both our users and our security team.

One area of improvement would be the user interface for policy and workflow configuration, which can become complex and sometimes unintuitive, especially for new administrators. A more streamlined and user-friendly UI would help reduce the learning curve. Enhanced out-of-the-box analytics and reporting would also be valuable, as our current options often require custom development or integration with external tools. While extensibility is a strength, documentation for advanced customizations and integrations could be more comprehensive and easier to follow. Improved support for seamless upgrades and backward compatibility would also help minimize downtime.

In terms of performance, optimizing the platform for high concurrency environments would be beneficial, especially for organizations with large user bases or peak usage periods. Enhanced scalability features such as more granular or horizontal scaling options would provide better support for distributed deployments. For integrations, having more pre-built connectors and easy integration with modern cloud-native services would accelerate adoption. Improved monitoring and real-time health dashboards would help proactively identify and resolve performance bottlenecks.

I have been working in my current field for seven years.

ForgeRock supports integration with legacy systems in our organization by offering a wide range of connectors and APIs. We utilize the identity gateway and REST APIs to bridge modern identity service with legacy platforms. These platforms support standard protocols including LDAP, SAML, and OAuth, which helps us connect with older systems. Custom connectors and scripting capabilities also allow us to tailor integrations with unique applications. This approach enables us to modernize our IAM infrastructure while still leveraging critical legacy systems.

With scalability in mind, ForgeRock supports both horizontal and vertical scaling to accommodate our growing user bases with increased transitions. We leverage containerization and orchestration tools to deploy ForgeRock components, which allows us to scale services up and down. Load balancing and clustering features ensure high availability and distribute traffic efficiently. Caching mechanisms, such as Redis cache or Ehcache, are used to reduce database load. One challenge we face is tuning the system for peak loads, especially during onboarding spikes or regulatory deadlines, but by optimizing our infrastructure and monitoring, we are able to address these bottlenecks.

ForgeRock supports multi-factor authentication and risk-based authentication in our organization by allowing us to enforce additional authentication steps, such as OTPs, push notifications, or biometrics. The platform provides flexible authentication trees, enabling us to design custom MFA flows tailored for different user groups and risk profiles.

ForgeRock's customer support team has been responsive and knowledgeable, assisting us during our technical challenges and when we needed guidance on best practices. The support team provides timely assistance. The support portals offer comprehensive documentation, troubleshooting guides, and community forums that have been helpful for resolving common issues independently. Overall, my experience with customer support has been positive, contributing to smoother deployments and ongoing maintenance.

I believe it is important to clearly define and thoroughly assess your organization's identity and access management needs upfront. ForgeRock's flexibility can be both a strength and a challenge if requirements are not clear. It is crucial to pay close attention to initial architecture and design, especially around authentication flows, user journeys, and integration. Additionally, investing in training for your technical team is essential because ForgeRock's platform is powerful but can have a steep learning curve for those new to it. Be cautious about potential complexity in customizations. While ForgeRock is highly extensible, over-customizing can complicate upgrades and maintenance. Ensure you have a solid plan for monitoring, logging, and compliance from the start.

I appreciate ForgeRock for its strong focus on security, which is critical for organizations handling sensitive data. My overall review rating for this solution is an eight.

I am using ForgeRock for standard support, policy configurations, and documentation clarity.

The pricing, setup cost, and licensing are very straightforward, which is a good success. I appreciate that it is very straightforward and helpful.

The customer support is very flexible and supportive, particularly in the area of automation and customer deployments. It is very helpful and supportive to our customers.

I appreciate ForgeRock for its flexibility and standard support. It helps significantly in policy configuration, authentication, and troubleshooting.

The policy configuration feature helps my team considerably because it aligns our business objectives to all policies. It makes it easier and more flexible to assign roles based on access control. It helps us in policy configuration, assigning roles, and onboarding and offboarding of users.

ForgeRock helps me in debugging token flows and automation support in deployments of software to the cloud. It has assisted me in solving debugging issues.

ForgeRock has made a huge impact on our company because it helps us with DevOps automation support and policy configuration. It has helped us tremendously, even in troubleshooting, making it easier to navigate and understand. It provides a better and proper view of how to approach troubleshooting.

An example of how ForgeRock improved our DevOps automation is that it saves us considerable time. Throughout the automation process, it helps us analyze our source code and automation processes. It made the process flexible enough that in less than thirty minutes or forty-eight hours, we complete the automation process.

There are some areas I want ForgeRock to improve. These areas include policy configuration, documentation clarity, UI complexity, and debugging token flow.

I want ForgeRock to improve in documentation clarity, UI complexity, debugging token flow, policy configuration, and DevOps automation support.

I have been using ForgeRock for over three years.

ForgeRock is very stable.

I would rate ForgeRock's scalability an eight out of ten. The scalability is very fine and acceptable to me, and I would recommend it to someone else.

The customer support is very flexible and supportive, particularly in the area of automation and customer deployments. It is very helpful and supportive to our customers.

I used CyberArk before, but I discovered the flexibility of ForgeRock and its powerful tools and features in keeping standard structures simple and understandable.

The pricing, setup cost, and licensing are very straightforward, which is a good success. I appreciate that it is very straightforward and helpful.

Over the past two to three years, we have had great metrics of success, saving costs, and ensuring that the process runs smoothly.

Over the past two to three years, we have had great metrics of success, saving costs, and ensuring that the process runs smoothly.

The pricing, setup cost, and licensing are very straightforward, which is a good success. I appreciate that it is very straightforward and helpful.

I was recommended to ForgeRock, and it was worth it.

I would like ForgeRock to improve in the area of debugging token flow and DevOps automation support for cloud deployment. I give this product a rating of eight out of ten.

One of my company's customers has already integrated ForgeRock and set up Splunk. We just did some simple configuration, but not much since our customer did it.

I use the tool for its single sign-on capabilities. With ForgeRock, we can enable single sign-on and multi-factor authentication features, as well as single-layer or two-layer multi-factor authentication and password-less authentication.

Basically, we enable multi-factor authentication when logging in to ForgeRock. With ForgeRock Access Management, we can access Splunk using single sign-on capabilities. If you need one more multi-factor authentication for Splunk, we can enable it for that particular application. We already enabled multi-factor authentication for ForgeRock Access Management. Users are authenticated through multi-factor authentication, so Splunk does not require one more such tool. If you want the improvements and prefer one more multi-factor authentication tool, then it is okay.

In the past, I saw that Splunk was integrated with a testing portal, and then it was integrated with Slack. I don't think ForgeRock directly supports integrations with Slack, making it an area where improvements are required.

I have been using ForgeRock for a year and a half. One of my company's customers uses the tool. My company implements and offers support for the tool.

I provide full support in the application integration for our customers.

I have used Splunk for CybeArk for one of my company's customers. I don't know of particular advantages in ForgeRock as such, but it helps reduce manpower and improve security, and then we can keep the environment stable.

The product's implementation phase is very easy, but a lot of customizations are required.

ForgeRock uses Splunk. ForgeRock's integration with Splunk is very easy and straightforward.

In terms of the tool's adaptive risk and intelligence features, I can say that it is an area that is time-based. In different regions, the working hours are different. We can configure the tool based on the timing and the work location.

In terms of the tool's operational efficiency, ForgeRock Access Management is used in a lot of environments, different regions, and in different stages of production environments. Manual monitoring is not possible, especially monitoring everything with the system memory and CPU memory, along with the user behaviors. Splunk easily monitors everything. From a business perspective, it will reduce risk and then reduce manpower. Splunk provides exact results and monitoring results to track a particular issue so we can easily identify the issue.

We usually receive alerts regarding high CPU utilization because of the high traffic we receive.

I can't comment on whether the tool helps in the area of predictive analytics or automated threat detection.

I recommend the product to others. I can also recommend products like CyberArk and Okta. Wherever we need to monitor the environment, specifically the cloud environment or on-prem one, I can suggest all the above-mentioned tools.

I rate the tool a nine out of ten.

We are consultants who have deployed versions of the ForgeRock solution.

From a functionality point of view, it's a solid product. Of course, the customers always complain about the price.

The solution has some AI features. It works very well, especially in Identity and Access Management. It helps detect anomalies in user behavior patterns. It also suggests security roles and other ways of doing things based on industry best practices.

The price could be better.

It looks like it's well funded, but the joining process with Ping Identity is a concern. It could take priority from a product point of view, which is a concern for customers.

In future releases, I would like to see easier integration with other solutions, like facial recognition and KYC solutions with de-dupe functionality and biometric onboarding. This would help complete the entire use case, especially from a customer identity management perspective.

I have been using this product for ten years or so.

We are an implementer and supporter.

Overall, I would rate it an eight out of ten.

We are like a big reference site in Africa, and they've already made a lot of deployments there. So, I would recommend it to everyone.

We use ForgeRock to implement SSO MSA for different customers with large databases. We also use the solution to unify their system and dashboards.

The most valuable features of ForgeRock are social login and data protection. From an organization's point of view, data privacy is the most valuable feature of ForgeRock. Data should be protected in the right way in an organization. User data is everything in an organization, and if data hacking harms an organization's reputation.

ForgeRock is a very good product for security and meeting your compliance and automation requirements. Our IT team's workload has definitely reduced after implementing ForgeRock.

The solution's deployment should be made easier.

I have been using ForgeRock for nine or ten months.

The solution's stability has to be better, but it depends mainly on how the solution is deployed. Everything is linked to the deployment style. If the deployment is done properly, everything can be fixed automatically.

I rate the solution a seven out of ten for stability.

Around four to five users are using the solution in our organization.

I rate the solution ten out of ten for scalability.

The solution’s technical support is good.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a five out of ten.

The solution’s deployment takes more than two to three months. We need to install the identity gateway servers first, and based on the gateway servers, they have to initiate the proxy servers. Once the proxy servers are properly configured, I can start with my different application integration. The whole process itself stretches to two months. That's why it's a very lengthy procedure.

ForgeRock is an expensive solution.

We are using ForgeRock mostly for banks and universities. We are letting them use the self-registration page via social logins, having the consent to provide the data, and implementing the ease of logging into the system. So, this is how we are using the solution's CIAM.

Overall, I rate the solution an eight out of ten.

We use ForgeRock for providing application security.

All of the product's features are good.

The product's support services in the French language are not free. It is challenging to communicate with their team in the English language. This particular area needs improvement.

We have been using ForgeRock for two years as a partner.

I rate ForgeRock's stability a nine out of ten.

We manage 200 to 2,000 ForgeRock customers. They are all enterprise businesses.

The technical support services could be better.

The product is easy to set up. However, the evaluation setup lacks a few components. I rate the process a nine out of ten. The deployment involves access management and directory services configuration. It is time-consuming to set components like directory table policies and target DNS. It takes around ten days to complete.

It is a good and stable product. I rate it a nine out of ten.

One of the best features of ForgeRock OpenIDM is that once you configure all the connectors, scripts, and modifications, you can migrate that project directory to other higher environments. We don't need to reinstall. Installation and configuration are pretty easy for ForgeRock OpenIDM.

ForgeRock OpenAM is also pretty easy to install and configure. The easiest part of the solution is the workflows, which are pretty easy and very good. We used to have chains that we would not use in the latest release.

ForgeRock does not provide support for issues related to SCIM connectors as their engineers or developers do not know exactly about it. The solution's documentation is not very good, and they do not give more details.

I have been using ForgeRock for about five years.

I rate ForgeRock somewhere between eight and nine out of ten for scalability.

ForgeRock's technical support is pretty good compared to other products. The only thing is they don't want you to ask any questions about how to do something. They will not tell you, and you have to figure it out. You can get a lot of online material and blogs for products like SailPoint, Oracle, or Okta. Since ForgeRock is not used much, people do not put anything in blogs. So you have to figure it out on your own.

I compared ForgeRock with various tools. I worked on Oracle IDM, Oracle Access Manager, and SailPoint. SailPoint is pretty good for provisioning, and it has a lot of different things. The governance feature in ForgeRock is comparatively new, and they also came up with the reporting feature. So some features are still new, but it has improved a lot.

ForgeRock's initial setup is straightforward. It's not complex for an experienced engineer or developer.

ForgeRock's pricing is more competitive than other products. I worked on a very big project about ten years ago. Oracle was extremely aggressive on pricing, and they go based on the number of users. Oracle offers very less pricing for educational projects. I'm unsure about ForgeRock's pricing structure for the financial industry, education universities, and big projects.

ForgeRock has four modules, namely, OpenIDM, OpenAM, OpenDS, and Identity Gateway.

ForgeRock is a pretty simple solution compared to other products. As simple as it is, you will have some product limitations somewhere. You can do a lot on Oracle and SailPoint since they have in-depth solutions for anything. However, ForgeRock has some limitations.

Overall, I rate ForgeRock an eight out of ten.