ForgeRock® Identity Management Core Concepts (IDM-400)

The ForgeRock Identity Management Core Concepts course is for students who want to learn how to implement ForgeRock Identity Management (IDM) to manage the complete identity lifecycle of users, devices, and things. Using ForgeRock Identity Management samples and the lab exercises in this course, students gain hands-on experience with the important features and capabilities of ForgeRock Identity Management, which they can then use to deploy ForgeRock Identity Management on the job.
Note that Revision A of this course is built on version 5.0 of ForgeRock Identity Management.
Target Audiences
The following are the target audiences for this course:
  • System Integrators
  • System Consultants
  • System Architects
  • System Administrators
  • Web Developers
Upon completion of this course, you should be able to:
  • Perform basic user provisioning between an external resource and IDM using the IDM samples
  • Use the REST interface to access IDM
  • Deploy and manage IDM as a development project
  • Configure IDM to use a supported JDBC database
  • Add connectors to communicate with external resources using the Admin UI
  • Add mappings using the Admin UI to synchronize data between external resources
  • Manage devices and things in IDM
  • Connect to external resources using OpenICF
  • Synchronize identity data between multiple external resources
  • Run selective synchronization and LiveSync
  • Configure rule-based provisioning
  • Configure role-based provisioning
  • Configure the IDM Task Scanner to execute scripts
  • Configure password synchronization between IDM and DS
  • Configure User Self-Service
  • Manage passwords and authentication
  • Integrate IDM with the ForgeRock Identity Platform™
  • Theme the Self-Service User Interface
  • Configure social identity providers
  • Manage the user preferences and consent options for end users
  • Run the sample workflows included with IDM
  • Deploy a simple workflow
  • Create a new workflow process with Activiti Designer
The following are the prerequisites to successfully completing this course:
  • Completion of the ForgeRock Identity Management Product Overview course
  • Basic knowledge and skills using the Linux operating system to complete labs
  • Basic knowledge of JSON, JavaScript, REST, Java, Groovy, SQL, and XML is helpful in understanding the examples
5 days
Course Contents
Chapter 1: Identity Provisioning
Lesson 1: Performing Basic User Provisioning
  • Install and start IDM for the first time
  • Start IDM with a sample configuration and run the sample
  • Start IDM with the LDAP sample configuration and run the sample
Lesson 2: Using the REST Interface to Access IDM
  • Access the common IDM REST endpoints
  • Review the default IDM REST endpoints (optional)
Lesson 3: Deploying and Managing IDM as a Project
  • Set up a new IDM project for development
  • Configure IDM to run as a background process
  • Examine the different log files in IDM
Lesson 4: Configuring IDM to Use a Supported JDBC Database
  • Configure IDM to use MySQL as the internal repository database
Lesson 5: Adding Connectors to External Resources
  • Add a connector to an external HR XML file
  • Add a connector to an external LDAP resource
Lesson 6: Adding Mappings to Synchronize Data
  • Add a sync mapping from the XML file to the IDM repository
  • Add a sync mapping from the IDM repository to the LDAP server
Lesson 7: Managing Devices and Things
  • Add a connector to import device identities
  • Create a new device managed object
  • Set up a relationship between device managed objects and user managed objects
  • Create a sync mapping to provision devices to the IDM repository
Chapter 2: Synchronization and Reconciliation
Lesson 1: Connecting to External Resources Using OpenICF
  • Update the LDAP connector to set the immutable property
  • Use the Custom Scripted Connector Bundler to Build a Scripted SQL Connector
  • Extend the Scripted SQL Connector sample to your project
  • Configure the Database Table Connector to communicate with a single database table
Lesson 2: Synchronizing Identity Data between Multiple External Resources
  • Create a sync mapping to seed the repository with employee users
  • Configure a sync mapping to seed the repository with contractors from the CTDB table
  • Configure a sync mapping to link and provision employees from the repository to the Corporate Directory
Lesson 3: Running Selective Synchronization and LiveSync
  • Run selective synchronization using filters
  • Identify methods of determining change events with LiveSync
  • Schedule LiveSync with the HR database
Lesson 4: Configuring Rule-Based Provisioning
  • Use scripts within a rule-based synchronization
  • Use custom endpoints to execute scripts on the server
  • Use the IDM API in provisioning scripts
  • Use custom Java for advanced business logic
  • Create custom configurations to maintain lists
  • Use email to inform administrators about exceptions (optional)
Lesson 5: Configuring Role-Based Provisioning
  • Provision attributes to one or more external resources based on static role assignments
  • Provision attributes to one or more external resources based on dynamic role assignments
  • Add temporal constraints to a role
Lesson 6: Configuring the Task Scanner to Execute Scripts
  • Automatically deactivate users using a sunset script
Lesson 7: Synchronizing User Passwords With LDAP Servers
  • Establish secure communications between IDM and DS
  • Install and test the DS password synchronization plugin
Chapter 3: Self-Service and Profile Management
Lesson 1: Configuring User Self-Service
  • Configure the outbound email service
  • Enable email-based self-registration, password reset, and username retrieval
  • Enable Google reCAPTCHA options to protect from spam and abuse
Lesson 2: Managing Passwords and Authentication
  • Configure and enforce a password policy
  • Enable delegated authentication
  • Store multiple passwords for managed users and extend the password history policy (optional)
Lesson 3: Integrating IDM with the ForgeRock Identity Platform
  • Prepare the ForgeRock Identity Platform components
  • Delegate all IDM authentication to AM (ForgeRock Access Management)
Lesson 4: Theming the Self-Service User Interface
  • Prepare your system for theming
  • Customize the Self-Service UI theme
  • Add a custom field to the Self-Service UI registration page
Chapter 4: Social Registration and Authentication
Lesson 1: Configuring Social Identity Providers
  • Set up a new IDM instance for the CIAM use cases
  • Set up a social ID provider for Google
  • Set up a social ID provider for Facebook
Lesson 2: Managing the User Preferences and Consent Options for End Users
  • Manage links between end user accounts and social identity providers
  • Configure synchronization filters with user preferences
  • Extend the User Preferences (optional)
Chapter 5: Workflow Engine
Lesson 1: Running the Sample Workflows Included with IDM
  • Asynchronous Reconciliation Using Workflows
  • Run the Sample Workflow – Provisioning User Accounts
  • Run the Workflow Use Cases from the documentation (optional)
Lesson 2: Deploying a Simple Workflow
  • Examine a simple workflow
  • Deploy the simple workflow
  • Execute the simple workflow
Lesson 3: Creating a New Workflow Process with Activiti Designer
  • Create and deploy a simple workflow in Activiti Designer
  • Add an initiator, assignee, and a form to the workflow
  • Add external validation to the workflow
  • Add approval using Activiti
  • Install Eclipse and Activiti Designer on Linux or Windows (optional)