January 17, 2017 at 3:56 pm #15383kburkhardtParticipant
I’ve been looking for examples and/or discussions about how to handle user self-service when running both OpenAM and OpenIDM, but I have come up short. My default preconception is that OpenIDM should handle it, and I expected OpenAM to have OOB integrations to do that, but this seems not to be the case. Can someone point me to some resources, or give an experienced opinion on this topic? Thanks!January 18, 2017 at 7:28 am #15397Rajesh RParticipant
@kburkhardt You are right, as an Identity Management solution, managing the entire lifecyle of Identities, ideally OpenIDM should take care of User Provisioning, including via Self Registration. And Access Management should take care of centralized Authentication, Authorization, Single Sign-On etc.
Both ForgeRock OpenIDM and OpenAM, however, offers the capability to its End Users to self register themselves. In case of OpenIDM Self Registration, the End User provisioning process might get synchronized to other OpenIDM connected Systems as well. A quick demonstration on OpenIDM self registration capability is captured in the screen-cast at the link below:
Though OpenAM is expected to be an Access Management solution, there are scenarious where the Customer environment has just a single datastore and may like to have their End Users Self register themselves to it. So as a value add, OpenAM also supports Self Registration Capabilities (disabled by default; enabled with a checkbox tick). The following reference might give some additional hints:January 18, 2017 at 5:01 pm #15408kburkhardtParticipant
Thank you for the links. It seems obvious to me that OpenIDM should do this. My question boils down to something simple. As it stands, it appears that I will have to modify the OpenAM XUI templates to add my OpenIDM links for self-service. Is this the way to integrate the products, or have I missed something that makes more sense?
You must be logged in to reply to this topic.