Coming October 25: PeerSpot Awards will be announced! Learn more

ForgeRock OverviewUNIXBusinessApplication

ForgeRock is #1 ranked solution in top Customer Identity and Access Management tools, #3 ranked solution in top Access Management tools, and #4 ranked solution in top Identity Management (IM) tools. PeerSpot users give ForgeRock an average rating of 7.8 out of 10. ForgeRock is most commonly compared to SailPoint IdentityIQ: ForgeRock vs SailPoint IdentityIQ. ForgeRock is popular among the large enterprise segment, accounting for 71% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 22% of all views.
ForgeRock Buyer's Guide

Download the ForgeRock Buyer's Guide including reviews and more. Updated: September 2022

What is ForgeRock?

ForgeRock is a comprehensive open-source identity and access management solution designed to meet the unique needs of your users and workforce. With ForgeRock you can orchestrate, manage, and secure the complete lifecycle of identities in any cloud or hybrid environment. ForgeRock allows you to set up bot detection, identity proofing, and risk-based authentication.

With ForgeRock, you can define access policies and automate the management of the identity lifecycle all from a central, easy to use, and graphical dashboard. ForgeRock Access Management allows you to build safe authentication using options like passwordless and usernameless logins, single sign-on, biometrics, contextual analytics, and behavioral authentication. When threats appear, you can swiftly change how your users access your most sensitive applications and provide users with secure access to the applications, systems, and resources they need on demand.

ForgeRock Benefits and Key Features

  • Elevate your security and efficiency: Consolidating your legacy systems under one single platform provides reliable, unified control over all your user identities and access-related policies. ForgeRock Access Management also supports scaling existing policies for application onto new setups.

  • Passwordless authentication: Implementing passwordless authentication is simple with ForgeRock Access Management. You can easily replace user-selected passwords with other options, such as easy multi-factor authentication, biometrics, and SSO.

  • Identity governance: ForgeRock Identity Governance is a modern, AI-driven identity governance solution. By leveraging ForgeRock generated analysis reports, you can identify and apply appropriate user access, automate high-confidence access approvals, recommend certification for low-risk accounts, and review high-risk and inappropriate user access privileges. In addition, you can grant and enforce access to systems, applications, and infrastructure according to established policies.

Reviews from Real Users

ForgeRock stands out among its competitors for a number of reasons. Two major ones are its robust identity and access tools and its being easy to manage and scale with one central dashboard.

PeerSpot users note the effectiveness of these features. A technology solutions leader at an outsourcing company writes, “We need it for multiple clients, multiple implementations. Not all of them are necessarily a multi-tenant solution. We need a very versatile solution that can do a lot of work, but from a single instance that we can centralize authentications and we don't duplicate the efforts and that's where ForgeRock seems to do better.”

Mohamed B., a cyber security consultant at a tech company, writes, "Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users. ForgeRock secured our system so that it is accessed only by authorized people, and it implemented the SSO."

ForgeRock was previously known as ForgeRock Identity Platform, ForgeRock OpenIDM .

ForgeRock Customers

Geico, Thomson Reuters, Salesforce, McKesson, Trinet, SKY, BNP Paribas, Deloitte, Capgemini, North Western University

ForgeRock Video

ForgeRock Pricing Advice

What users are saying about ForgeRock pricing:
  • "We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years."
  • "The pricing of the solution is fair but I do not have the full details."
  • "Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more."
  • "The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end."
  • ForgeRock Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Technology Solutions Leader at a outsourcing company with 10,001+ employees
    Real User
    Top 20
    Good for multi-client setups and easy to implement but the scalability seems uncertain
    Pros and Cons
    • "Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process."
    • "We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced."

    What is our primary use case?

    We primarily use the solution for multiple clients and multiple implementations.

    What is most valuable?

    Fundamentally, we're not using ForgeRock as a single application Identity Management Solution. We need it for multiple clients, multiple implementations. Not all of them are necessarily a multi-tenant solution. We need a very versatile solution that can do a lot of work, but from a single instance that we can centralize authentications and we don't duplicate the efforts and that's where ForgeRock seems to do better.

    What needs improvement?

    We need some more time with the solution to really note if there are specific features that are missing. Currently, it's doing a good job of covering what we need.

    We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced.

    We've signed the contract and yet we're still not going through the typical process, which is worrying.

    For how long have I used the solution?

    We started using the solution a few months ago.

    Buyer's Guide
    ForgeRock
    September 2022
    Learn what your peers think about ForgeRock. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
    632,779 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    It's been only two, three months. So far, we haven't seen any issues and I'm not sure if we will have any issues in the next year or so. 

    However, as we move, my biggest concern in the past and right now is when we start adding multiple clients to the same base setup. That's where I'm more worried about how it will take individual authentication versus claims level authentication. I wonder about how it's going to handle all of that. That's where I'm more worried. I'm patiently waiting for a few clients to be on the platform. 

    What do I think about the scalability of the solution?

    I'm worried about the scalability of it. I'm not worried about the scalability itself. I'm sure it will scale. However, I'm concerned about what sorts of problems we'll run into when we start scaling the solution higher. Right now it's very low volume.

    They have assured me it will be fine. We just got a new Account Manager assigned to my company and she's assured me that any such problems and they will be able will align with their standard scalability structures. She has assured me that if there are any issues, their team would jump in and make sure that our clients are not going to be impacted by any issues we might end up having.

    How are customer service and support?

    We're still in the honeymoon phase with ForgeRock. Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process. Maybe it will be different once we are around for a while. However, since we are a growing account, we are an enterprise account, and the Account Manager is really new, we are being treated a little bit differently than regular customers. Obviously, I don't expect it to be this red carpet a year down the lane. That said, right now, it's very nice.

    Which solution did I use previously and why did I switch?

    We did previously use a different solution. Scalability and consolidated implementation was one of the reasons we had the previous product. However, I can't even remember the name of it. With the previous product, the problem was we had to put a base set up for every client differently when it is not a multi-tenant solution. That was one of the reasons we switched to ForgeRock. Even though the implementations are not multi-tenant, we can re-route all the IT management through ForgeRock at this point in time.

    How was the initial setup?

    The initial setup wasn't too complex. I didn't think it was any difficult. I sometimes believe I don't give enough credit to my team. Some of my team members have upwards of about 20 years experience in doing this. They're doing these types of implementations all of the time and they make it seem very easy. I haven't heard a single problem from them. They seem to have handled the entire process very well.

    What's my experience with pricing, setup cost, and licensing?

    In terms of usage, it's not our standard cost. We're not doing it for our purpose. We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years. We expect that to double, at least based on how many solutions we scale to. The amount of money we spend on ForgeRock will depend on the number of clients we get. Right now it is on one product, so it is not that much currently. If we scale it to other products, that number will change drastically.

    What other advice do I have?

    We are just customers. We don't have a business relationship with the solution.

    I don't have the details in regards to which version of the solution we're using.

    My advice to other potential users would be to not look at the cost savings when you scale. Instead, look at the issues you will run into when you scale. If you plan for scaling two years down the line, the mistake we made a couple of times in other solutions was that it was actually more expensive when you scale without the architecture properly done. Therefore, take the time to plan ahead.

    Currently, I'd rate the solution at a seven. I'm a little worried that, even though we've signed the contract, we are being channeled through a couple of leaders rather than going through the regular process. I'm worried about how that new process is going to be for us.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Trisha Bhola - PeerSpot reviewer
    Senior Associate at Cognizant
    Real User
    It's easier to customize and maintain our code
    Pros and Cons
    • "ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations."
    • "We raised tickets asking for improvements, but sometimes we don't get the proper solution. They are responding, but the ticket is open for weeks and weeks. For some issues, we don't get a satisfactory solution or the solution doesn't work."

    What is our primary use case?

    In AUS, there is an accredited open banking solution. We worked on a security profile using ForgeRock. We used four or five ForgeRock components, including Access Management, Identity Gateway, Identity Management, and Directory Stores. Another use case is the insurance side, but it's also consumer identity and Access management.

    When I'm working on the client's site, it's a different user base, so I'm not sure how many people or products there are. I think both organizations are using ForgeRock to manage that data for many projects.

    How has it helped my organization?

    With ForgeRock, we don't need to do everything independently because it's a PaaS. Before ForgeRock, we used our own custom authentication mechanism, so we had to write custom code. After integrating with ForgeRock, we can use GUI instead of messing with the backend as much. 

    We also have to maintain that code and upgrade it every time there is a library change or customization. We need to manage it, but it's easier to customize and maintain in ForgeRock.

    What is most valuable?

    ForgeRock products are customizable, and the out-of-the-box features are solid, too. I primarily use the OIDC compliance features. It's just a configuration. it's easy to set up and customize trees. We can add our own features if necessary. Banks and corporations have different standards and specific validations. 

    What needs improvement?

    There are many issues with the latest version, so we've raised many tickets. They added new features, but that also needs some improvement. It may be related to some standards like requirements and specific settings that need to be improved. 

    We are using OIDC and SAML Federation standards, and I think SAML things also need some improvement. It is a known issue that's already in their release notes. So I guess that is already there.

    For how long have I used the solution?

    I have been using ForgeRock for three years.

    What do I think about the stability of the solution?

    I haven't had issues with ForgeRock's stability, but there could be some performance improvements. Initially, it took some time to maintain some features. In the directory stores, it took a lot of time. There are some lags due to different reasons, or maybe it's a network issue. We have problems connecting with the database. We need to add monitoring tools for all those parts and immediately verify which components went down.

    What do I think about the scalability of the solution?

    I think ForgeRock is easy to scale on the cloud side, but I've never worked on the cloud. We are already using four sites, so I think it's different when you have your own servers and on-prem. We have only four servers, and we are managing everything on these four servers, so I can't say much about scalability. Our user base is big. A million people are using the whole CIAM process on one site.

    How are customer service and support?

    We raised tickets asking for improvements, but sometimes we don't get the proper solution. They are responding, but the ticket is open for weeks and weeks. For some issues, we don't get a satisfactory solution or the solution doesn't work. 

    I think ForgeRock support needs some improvement. Sometimes the person managing the ticket is not in that particular field, and he needs to confirm with his team or other technical teams.

    Which solution did I use previously and why did I switch?

    I worked on the development side. From the Ping perspective, it's mostly a configuration we did. It was another vendor doing the whole development for the Ping Foundation, mostly on the performance side. They were looking into that part.

    How was the initial setup?

    I worked on two different projects based on ForgeRock, and both are automated deployments. One is a UI-based deployment. It's an automated process using some scripts.  

    The deployments are done through Octopus, so it's also automated. We first deploy the essential components of AM and then implement additional configurations like Amster Imports. After that, we import all the SAML Federation data and add some certificates.

    We have two teams of five and three team members working on the different deployment processes. One is working on the dev side, another is looking at the higher environment, and one is managing the data.

    In another project, I'm the only developer. We also deploy on the dev environments so that anyone can test new features, configurations, and client requirements. They can test it on the dev environment, but a team of four people manages higher environments.

    The Access Management component involves the most customization, which takes around 15 to 20 minutes because of the need to import the Amster configuration. If another deployment is simultaneously happening, it may be a little slower and take around 30 minutes. The other components, like the user data stores, take about five to seven minutes. It's another five to 10 minutes for Identity Management. 

    After deployment, the maintenance is mostly checking for security vulnerabilities. If ForgeRock shares security vulnerabilities or advisories, we check to see if there is something inside we need to maintain. Other than that, we just install updates when they add features each month.  

    What other advice do I have?

    I rate ForgeRock nine out of 10. I would recommend ForgeRock to others. They're constantly coming out with new features, and you can do each feature in multiple ways. The way you go about it is up to you and your requirements.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    ForgeRock
    September 2022
    Learn what your peers think about ForgeRock. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
    632,779 professionals have used our research since 2012.
    Jatin Sawhney - PeerSpot reviewer
    Information Security Associate Manager at a tech services company with 10,001+ employees
    Real User
    Top 20
    Access management solution that is scalable, stable and offers useful functionality through intelligence authenication
    Pros and Cons
    • "This is a stable solution. When you do experience any issues, you will see it in your DB logs or audit logs so you can easily reach a conclusion of might be causing it."
    • "ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant."

    What is our primary use case?

    If for example, you click on facebook.com, the request goes from your browser to the application server. On the application server, one of the gateways may block your request. First it enters the firewall and then it reaches the application server where Facebook is deployed and it reaches a policy enforcement point. This policy enforcement point (PEP) would be the web agent.

    This request is blocked by this PEP, and it asks the basic first question of whether the URL is protected. The user then provides their credentials on their login screen and again, this PEP takes up this request to PDP and asks whether this user is authenticated to access this service. The credentials are checked in a user store. 

    So as soon as it checks your credentials, it gives back an answer to the policy decision point that this user is available in the user store. ForgeRock answers all these questions using its own codes.

    What is most valuable?

    We could previously make Authorization policies, and based upon these policies, only provide the access to certain resources. Right now our identity is not limited to just people but also items such as a smart refrigerator and a smart car.

    This entire login flow or registration flow is now taken care of by intelligence authentication. Almost all the notes which are required for these journeys are out of the box. If you want to enable biometrics, you can get these notes from ForgeRock marketplace. This is one of the features which I like the most about this solution. Most technologies are out of the box or require a minimum configuration.

    What needs improvement?

    ForgeRock is an open source solution and is available to everyone but it is not freeware. If you need support, you need a subscription for ForgeRock. Many of its functionalities need to be built up with the help of a consultant.

    There are some limitations and some issues. It requires you to create a code ticket and then work on it with ForgeRock. In a future release, we would like to add additional security to our environment. We would also like to have identity and access management technology for passwordless logins. 

    For how long have I used the solution?

    I have been using this solution for five years.

    What do I think about the stability of the solution?

    This is a stable solution. When you do experience any issues, you will see it in your DB logs or audit logs so you can easily reach a conclusion of might be causing it.

    What do I think about the scalability of the solution?

    This is a scalable solution. To add multiple users to the environment, you can enable a self-service access for user registration, a ForgeRock password and ForgeRock username. A user can do this by themselves. This solution also has a high data capacity. You can use the directive service as a replication server as well to replicate your user data between different directive services environment. 

    How are customer service and support?

    I would rate the support for this solution a three out of five because you can't depend entirely on them. You have to try troubleshooting by yourself as well. 

    How would you rate customer service and support?

    Neutral

    Which solution did I use previously and why did I switch?

    I have been working on other IAM products since the start of my career eight years ago. I have been using ForgeRock for the past five years.

    How was the initial setup?

    The initial setup is out of the box and simple, especially if you are creating a basic user journey with a registration and login. If you are going with an identity gateway, it may require some basic understanding about the technology.

    To deploy it from start to finish, took six to seven months.

    What's my experience with pricing, setup cost, and licensing?

    You can get an environment once you register on their site with your ID, and you will get a whole lot of downloads. If you enable ForgeRock on a consumer level, then you have to pay for it.

    What other advice do I have?

    Go to forgerock.com and create your ID. After that, you can complete multiple self-led trainings. There are documents which are very thorough. I would certainly recommend this solution to others. Onboarding on ForgeRock is quite easy. 

    I have been working on all the products of ForgeRock and I have worked on other products of the same category.

    I would rate this solution an eight out of ten.

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Identity Architect at a financial services firm with 10,001+ employees
    Real User
    Top 20
    Governance and access management solution used for multi-factor authentication that is outdated with an unresponsive UI
    Pros and Cons
    • "We used it to implement multi-factor authentication and to improve our security posture as well as reducing the potential for attacks."
    • "The user interface could be improved as it is cumbersome and outdated. It doesn't have a responsive UI."

    What is our primary use case?

    We use it for our enterprise workforce as well as for customer identity and access management. Our enterprise workforce is around 60,000 users and our customer base is approximately 100 million users.

    How has it helped my organization?

    We used it to implement multi-factor authentication and to improve our security to reduce the potential for attacks. It has enabled us to implement access control policies through authentication and authorization layers. 

    What is most valuable?

    The main feature that I like about ForgeRock is the workflow engine. It allows us to define some of the custom users depending upon the user's contextual access.  Other than that, the deployment and management of the tool is extremely difficult.

    What needs improvement?

    The user interface could be improved as it is cumbersome and outdated. It doesn't have a responsive UI. Secondly, the customization could be improved. You cannot develop customizations quickly. For example, if you want to add a custom attribute, you need to use other tools. You have to write the code and deploy it as a JAR in the server. 30 minutes of work takes five to six hours and you need specialized skills to write the JAR file. 

    For how long have I used the solution?

    We have been using this solution for five to six years.

    What do I think about the stability of the solution?

    This is a stable solution from a performance perspective.

    What do I think about the scalability of the solution?

    You cannot scale this solution vertically or horizontally. 

    How are customer service and support?

    The support for this solution is good.

    How would you rate customer service and support?

    Positive

    How was the initial setup?

    The initial setup is straightforward to some extent when it comes to integrating with Active Directory and LDAP. These are the only two straightforward components. 

    If you want to configure it in the distributed architecture, for example, you need to deploy ForgeRock in five data centers and you need to have that session replicated across all the different data centers. You need to set up a code token service and schema when using Forgerock and this cannot be automated. The setup takes a few weeks. 

    If you try to deploy a patch, that patch has to be backwardly compatible with the custom development. We cannot use patches as they are released by ForgeRock. The reason is that that patch might inhibit the custom code that is developed. What we have to do is re-engineer the custom node to work with the most up-to-date patch. 

    What about the implementation team?

    We implemented this solution in-house. They offer detailed documentation. However, the documentation doesn't reflect the actual product.

    What was our ROI?

    We have not yet experienced a return on investment. 

    What's my experience with pricing, setup cost, and licensing?

    The solution costs $2 per user. Any custom development involves additional fees. If the use case is only for the workforce and only to implement a single sign-on solution using standard out-of-the-box features, then this is the right tool to go for.

    What other advice do I have?

    This solution is extensively used, but we are not happy with the performance of the product or the customizations. Within the next six months we are evaluating other products because it is extremely difficult for us to scale it horizontally or vertically. 

    We are also not able to adopt the new standards as it is not a standard based code solution. We have to update the code every time for each customer whenever they request any division, improvement or feature. 

    I would rate this solution a five out of ten. The product is good but the underlying stack is not modern. They are not building out more adaptive features that other service providers offer.

    In future, we are looking for a cloud-hosted solution like PingOne, Okta, or Azure Active Directory.

    Which deployment model are you using for this solution?

    Hybrid Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Google
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Flag as inappropriate
    PeerSpot user
    Head Of Service Management at a financial services firm with 501-1,000 employees
    Real User
    Top 10
    Scalable, stable, but complex installation
    Pros and Cons
    • "The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users."
    • "In an upcoming release, the solution could improve by limiting the need to do customizations."

    What is our primary use case?

    We use the solution for the authorization and authentication of various applications.

    What is most valuable?

    The solution has the ability to handle a lot of users.

    What needs improvement?

    In an upcoming release, the solution could improve by limiting the need to do customizations.

    For how long have I used the solution?

    I have been using the solution for more than three years. 

    What do I think about the stability of the solution?

    I find the solution to be stable, it has been working well. However, we have encountered some stability issues when we tried to upgrade. Normally we would have to reboot the server and occasionally have performance and tunning issues. The solution's stability during the upgrade should be improved.

    What do I think about the scalability of the solution?

    The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users.

    How are customer service and technical support?

    Whenever we experience an incident, we call everyone in the breach and the system owner expert will call the support of the solution. The support could improve because we sometimes have to repeat ourselves since the support is across different time zones.

    How was the initial setup?

    The initial setup of the solution was quite complex because we tried to use it as a Single Sign-On with multiple applications or customers. 

    What about the implementation team?

    The solution requires a vendor consultant for the implementation to make the right choices. 

    What's my experience with pricing, setup cost, and licensing?

    The pricing of the solution is fair but I do not have the full details.

    What other advice do I have?

    My advice to other users is to be careful about customizing the solution. If you customize the solution you will need good documentation and information that will have to be retained otherwise, there will be a knowledge gap. Especially if you use it for Single Sign-On or federated authentication and authorization. The more you customize it the more it will cause some issues when you are trying to upgrade. We have found in this particular instance if you do the customization you should have certain consistent standards. If you have this solution across multiple teams, there is no single party that has an overview of the code, and what ends up happening is there is too much customization making the upgrades difficult. However, this all depends on the business.

    If we are using the solution in a certain way, especially the authorization with customization can cause problems. Every application might have a different way to authorize its functions in the area. However, the authentication is very straightforward. You have to be careful about customizing the solution, and how to sustain it across your teams. Every three to five years you will need to do an upgrade. Otherwise, you will not be supported. Most of us just treat it as a project, then we move on, and we do not use it until a few years later and then we run into large issues.

    I rate ForgeRock a six out of ten. 

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Technology Security Analyst at a tech services company with 10,001+ employees
    Real User
    Very easy to navigate, handle and manage applications
    Pros and Cons
    • "Easy to navigate, handle and manage the applications."
    • "Lacks simplified documentation within the tool that requires use of a separate portal."

    What is our primary use case?

    ForgeRock is basically an IAM tool and we use it for access to multiple resources or applications. It's basically an identity and access management tool. We are business partners with ForgeRock and I'm a security delivery analyst.

    How has it helped my organization?

    It's had a good impact and we've seen an increase in revenue. 

    What is most valuable?

    I like the ease of navigating, handling and managing the applications and end-user profiles. It's easy, convenient and affordable. 

    What needs improvement?

    ForgeRock can be a complex product that requires a lot of time to learn and  understand its real value. The issue is that when we're working in real-time scenarios for real-time projects, we might face challenges that we're not able to figure out ourselves. By the time we have real-time interaction with the customer, it can be awkward to go back to the documentation and try to figure it out. I'd like the solution to include ways of customizing or achieving our scenarios more simply. That could include simplified documentation within the tool rather than having to use a separate portal. If something were available within the tool, I would be happy.

    For how long have I used the solution?

    I've been using this solution for close to three years. 

    What do I think about the stability of the solution?

    This is a neutral product in terms of stability. It's generally fine but sometimes there are issues which could be connected to the application rather than the product.

    What do I think about the scalability of the solution?

    The solution scales up and down according to your needs.

    How are customer service and support?

    We receive adequate support. Every time we reach out to them, they're there for us. Whether it's relevant documentation, guidance, or jumping on a call to troubleshoot issues. They're on top when it comes to customer support. 

    How was the initial setup?

    The initial setup is easy but I would recommend having some knowledge on the container, where you deploy the applications, and how it's done.

    What was our ROI?



    What's my experience with pricing, setup cost, and licensing?

    ForgeRock is an open-source tool. You can download it directly via the browser. It's only when you want to use their extensive features, you might have to think about the pricing. ForgeRock is booming because it's an open-source tool and it provides good value. It's comparable to a licensed solution. We pay a maintenance fee. 

    What other advice do I have?

    We initially used ForgeRock as a trial tool to test whether we could achieve all of our requirements. It was a good strategy for us. 

    I rate the solution eight out of 10. 

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    Flag as inappropriate
    PeerSpot user
    Mohamed Yassine Benomar - PeerSpot reviewer
    Cyber Security Consultant at a tech company with 10,001+ employees
    Vendor
    Top 20
    Reliable and useful for securing our system, but should be a little bit easier to implement
    Pros and Cons
    • "Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users."
    • "It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."

    What is our primary use case?

    We use this solution to manage the identity and access of users to SI and other applications of our company. We implement the identity of the users in that SI.

    How has it helped my organization?

    It secured our system so that it is accessed only by authorized people, and it implemented the SSO.

    What is most valuable?

    Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users.

    What needs improvement?

    It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement.

    What do I think about the stability of the solution?

    It is a reliable solution.

    What do I think about the scalability of the solution?

    It is scalable. We have scaled it.

    In terms of the number of users, the whole company has to use ForgeRock to be able to connect to the company. For its administration, we have a team of five people. We don't have any plans to increase its usage.

    How are customer service and technical support?

    Their technical support is good.

    Which solution did I use previously and why did I switch?

    I have used SiteMinder and EmpowerID and a solution from Okta.

    How was the initial setup?

    Its implementation is a little bit complex. It took us between four to six months. 

    In terms of the implementation strategy, we identified the functional aspects and tried to see if it would meet the needs. After that, we implemented it in the Dev environment, and after that, we implemented it in the Production environment.

    What about the implementation team?

    I implemented it myself. It does require maintenance, and I handle its maintenance.

    What's my experience with pricing, setup cost, and licensing?

    Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts. 

    There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more.

    What other advice do I have?

    I would recommend this solution if it meets the needs of a company. It is a good solution. You have to implement it to see if it responds to your needs. 

    I would rate ForgeRock a seven out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Tavernt Muchenje - PeerSpot reviewer
    Managing Director at I'curity Solutions
    Real User
    Top 20
    Integrates well, keeps up with market trends, and priced well
    Pros and Cons
    • "The solution integrates well and it is important for them to keep up with the current trends in the market quickly enough, and they have been doing a good job at it."
    • "The solution requires more simplified customization. However, part of the problem is my clients determining their own preferences. Technology can help and do many things, but you have to define your own policies to ensure that the solution or service works within those parameters. Helping customers understand their business and different processes is another issue not relating to the functionality of this solution."

    What is our primary use case?

    My clients use the solution primarily for customer identity management, access management, customer onboarding, data management, and authentication.

    What is most valuable?

    The solution integrates well and it is important for them to keep up with the current trends in the market quickly enough, and they have been doing a good job at it.

    What needs improvement?

    The solution requires more simplified customization. However, part of the problem is my clients determining their own preferences. Technology can help and do many things, but you have to define your own policies to ensure that the solution or service works within those parameters. Helping customers understand their business and different processes is another issue not relating to the functionality of this solution.

    The reports could be more customizable in an upcoming release, and the overall customization could be simplified by making drag-and-drop functionality.

    For how long have I used the solution?

    I have been using this solution within 12 months.

    What do I think about the stability of the solution?

    I have found the solution stable.

    What do I think about the scalability of the solution?

    There is a lot of options for scalability in this solution.

    How are customer service and technical support?

    ForgeRock was born out of the open souced technology and users can use the community support without a license. Users with a commercial license can talk directly with the support agents that can immediately assist them with their problems.

    How was the initial setup?

    The installation is very simple.

    What's my experience with pricing, setup cost, and licensing?

    The license is purchased annually per user. However, you can negotiate if you are signing for a longer period of time. When comparing this solution to others on the market it is priced fair, it is not at the top of the price range or at the bottom end.

    What other advice do I have?

    My advice to those wanting to implement ForgeRock is if they are looking for a strong customizable identity management solution that strikes the balance between convenience and security then this is probably a good choice for you.

    I rate ForgeRock an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Buyer's Guide
    Download our free ForgeRock Report and get advice and tips from experienced pros sharing their opinions.
    Updated: September 2022
    Buyer's Guide
    Download our free ForgeRock Report and get advice and tips from experienced pros sharing their opinions.