rasarkar

I have ForgeRock IDM configured for client certificate authentication for a particular service. ForgeRock stack is deployed on a K8s cluster. If I try to authenticate using client certificate using the POD or service URLs it works fine and gives me a desired response.

As soon as I try to do that using the nginx ingress URL it stops working…[Read more]

Hi All,

Looking for some guidance here.

Our client has a requirement where the user has multiple addresses associated with himself/ herself. In addition to this the customer should be searchable using the postcode of the address. We are thinking of managing addresses as different objects and maintain relationship between user and address. This…[Read more]

Hi Team,

We are trying to build a IOT solution prototype and showcase to different clients about ForgeRock’s IoT capabilities. As part of the initiative we are trying to assign device to users using the device flow grant flow. We have followed the instructions listed in…[Read more]

Hi Team,

I am using ForgeRock AM 6.5. For user store I am using ForgeRock DS 6.5. I have users and groups in ForgeRock DS and the membership seems fine.

However after authenticating I cannot authorize a member on the basis of group memberships. I have tried the following in Authorization policies-
1. Users and Groups under subjects tab
2. LDAP…[Read more]

Hi Everybody,

We have a requirement where a end-user submits a registration request through ForgeRock. The registration should not create the user right away but should raise a request and assign it to a particular approver user. The approver user after taking a look at the request needs to approve it in order to have the user created in…[Read more]

Hello Guys,

I have been trying to configure social authentication with Google on my local and facing some strange issues-

With IDM 6.0 the authentication with google is fine. But after it redirects to OpenIDM one POST request to the URL https://idm.example.com/openidm/identityProviders?_action=handlePostAuth fails with the following…[Read more]

Hi All,

I see a strange behavior by the AM 6.0 version. After installing the agent if I hit the protected URL the agent is appending a ‘realm=/’ at the end by default. Can you please help me here

My protected URL: application.example.com
AM redirects to:…[Read more]

Hi All,

We have a requirement of upgrading a OpenAM 12.0 instance to AM 6.0 instance. ForgeRock does not support upgrade from 12.0 to AM 6.0. So we have decided to setup a separate instance of AM 6.0 and migrate apps slowly from OpenAM 12.0 instance to AM 6.0.

The problem we are facing is with SSO. Once a app is migrated to the newer version…[Read more]

I am trying to configure IDP initiated SSO with Salesforce. I have created a separate salesforce domain and exchanged the metadata. My openam URL is https://openam.example.com:8443/openam and salesforce URL is https://forgerockpreview-dev-ed.my.salesforce.com. I am trying to accomplish IDP initiated SSO using the following URL…[Read more]

Greetings people.

Currently our audit logs for OpenAM logs all the events as per GMT. The client is in EST timezone. Can you please tell me how this events can be changed from GMT to EST?

Regards
Ranajoy

Greetings people.

Has anybody integrated Juniper VPN solution with ForgeRock Access Manager. How tough it is and can you point me to any documentation that can be helpful

I am writing a custom authentication module to customize the flow of the OOTB HOTP module. I have written a service configuration file as part of that. The problem is the order of the attributes in the AM console while configuring the module does not match the order of the attributes defined in the file. Also every time I open the authentication…[Read more]

Hi Team,

I am trying to configure social authentication in OpenAM using google. After entering client ID and client secret I see the following error- “Unable to reach, https://accounts.google.com/.well-known/openid-configuration.”

Anybody has any idea how to fix it?

Regards
Ranajoy