Account Creation – OpenAM/OpenIDM

This topic has 2 replies, 2 voices, and was last updated 3 years, 6 months ago by kburkhardt.

  • Author
    Posts
  • #15383
     kburkhardt
    Participant

    I’ve been looking for examples and/or discussions about how to handle user self-service when running both OpenAM and OpenIDM, but I have come up short. My default preconception is that OpenIDM should handle it, and I expected OpenAM to have OOB integrations to do that, but this seems not to be the case. Can someone point me to some resources, or give an experienced opinion on this topic? Thanks!

    #15397
     Rajesh R
    Participant

    @kburkhardt You are right, as an Identity Management solution, managing the entire lifecyle of Identities, ideally OpenIDM should take care of User Provisioning, including via Self Registration. And Access Management should take care of centralized Authentication, Authorization, Single Sign-On etc.

    Both ForgeRock OpenIDM and OpenAM, however, offers the capability to its End Users to self register themselves. In case of OpenIDM Self Registration, the End User provisioning process might get synchronized to other OpenIDM connected Systems as well. A quick demonstration on OpenIDM self registration capability is captured in the screen-cast at the link below:

    https://forgerock.org/2016/02/setting-email-user-self-registration-forgerock-openidm-4/

    Though OpenAM is expected to be an Access Management solution, there are scenarious where the Customer environment has just a single datastore and may like to have their End Users Self register themselves to it. So as a value add, OpenAM also supports Self Registration Capabilities (disabled by default; enabled with a checkbox tick). The following reference might give some additional hints:

    https://forgerock.org/2015/10/user-self-registration-in-forgerock-openam-part-i-using-xui/

    #15408
     kburkhardt
    Participant

    Thank you for the links. It seems obvious to me that OpenIDM should do this. My question boils down to something simple. As it stands, it appears that I will have to modify the OpenAM XUI templates to add my OpenIDM links for self-service. Is this the way to integrate the products, or have I missed something that makes more sense?

Viewing 3 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?