ForgeRock Access Management – Customization and APIs (FR-421)

This course provides a hands-on technical introduction to ForgeRock® Access Management APIs and customization use cases. ForgeRock Access Management is built from the OpenAM open source project. Students examine Access Management extension points and gain the skills required to extend and integrate an Access Management deployment in a real-world context. Development best practices are demonstrated in a series of labs.
Note that Revision B of this course focuses on ForgeRock Access Management, built from the OpenAM 13 open source project.
Duration: 5 days
The following are the target audiences for this course:
  • Application Developers, adapting client applications to use OpenAM access management capabilities
  • System Architects and Software Developers, extending and integrating OpenAM services for their organizations
The following are the prerequisites to successfully completing this course:?Completion of the FR-420 course
  • Basic knowledge and skills using the Linux operating system to complete labs
  • Basic knowledge of JSON, JavaScript, REST, Java, Groovy, and XML will be helpful in understanding examples
Course Objectives
Upon completion of this course, you should be able to:
  • List extension points of OpenAM
  • Describe the Service Provider Interface mechanism
  • List which customizable components are affected in common use-cases of OpenAM
  • Use the Service Management Service
  • Understand the basic concepts of scripting
  • Use the administration interface to look up, edit, and configure scripts
  • Describe how OpenAM performs authentication
  • Design and implement a custom authentication module
  • Discuss characteristics of Post Authentication Plugins (PAPs)
  • Design and implement a custom Post Authentication Plugin
  • Describe how scripted authentication works
  • Explain how server-side scripted authentication modules communicate with OpenAM
  • Use the administration interface to create and test authentication chains containing scripts
  • Discuss the policy concepts in OpenAM 13
  • Implement an EntitlementCondition or a scripted condition
  • Describe the ForgeRock Common REST API (CREST)
  • Enable Cross-Origin Resource Sharing (CORS) in OpenAM
  • Explain how users can be authenticated through the REST API
  • Demonstrate how identities and realms can be managed through the REST API
  • Show how password reset and user self-registration can be carried out using the REST API
  • Query the list of dashboard applications through the REST API
  • Show how to use the policy engine to protect non-URL-based resources
  • Describe the policy management and evaluation REST APIs
  • Describe OAuth 2.0 and OpenID Connect, including how to use their HTTP endpoints
  • Demonstrate scope validation and customize its default behaviour
  • Explain the basic concepts of UMA
  • Set up OpenAM as an UMA authorization server
  • Manage UMA resource sets
  • Demonstrate how to customize the UMA workflow