ForgeRock OpenIDM v1.5 Walkthrough


Key Capabilities of OpenIDM

Information Storage and Extendable Data Model

OpenIDM provides a flexible object based model with an underlying storage in an embedded DBMS system, optimized to be scalable, lightweight, secure and transactional. There are no strict pre-defined objects and relations. Almost without any
limit now type of objects, attributes and relations can be introduced making it unnecessary for external data management systems.

Embeddable Architecture

Significantly decrease the required implementation period and the unit testing of the framework increase the stability of the customized system.

Password management

OpenIDM provides the necessary capabilities to define and enforce password policies through-out the enterprise as well as intercepting and synchronizing passwords from Microsoft Active Directory and ForgeRock OpenDJ, but also provide reset and retrieval functionalities.

Account Discovery and Reconciliation

OpenIDM offers a scalable method of discovering new, changed or deleted accounts on integrated resources as well as provide the necessary information to offer critical information about orphan accounts etc.
Active and Static Synchronization In near real time can OpenIDM detect changes in state to objects on resources. This means that a new user created on a resource can trigger an event inside OpenIDM to ensure he gets provisioned correctly with the proper access and entitlements – typically this allows enterprises to automatically drive provisioning activities from Human Resource systems or other authoritative sources. The synchronization also allows to call out to custom Java methods, workflows or rules.

Flexible Rules with JavaScript

OpenIDM allows for powerful rules to be created using JavaScript. This gives the advantage of easily being able to map and transform identity data as it flows through OpenIDM to the integrated end resources and vice versa.

Audit and Reporting

OpenIDM ensures that proper logging is done on all activities happening inside OpenIDM and offers the capability to provide reports distilled on the specific needs for customers. OpenIDM also provides an Event Publisher which allows third party reporting tools to integrate easily with OpenIDM to extract the necessary reports in well known formats.

Workflow and Business Processes

Every action inside OpenIDM is tied to an event which can trigger custom actions whether they are call-outs to Java methods, JavaScripts or Workflows. Embedded with OpenIDM is a full blown BPMN 2.0 workflow engine.

Resource Connectors

OpenIDM leverages the Open Source Identity Connector Framework (OpenICF) providing a rich set of mature connectors to a number of systems such as databases, directories and operating systems. The framework is also easily extended with additional connectors to support custom integrations to third party applications. See the Resource connector table for a list of available connectors.

Leave a Reply

Your email address will not be published. Required fields are marked *