ForgeRock Reviews

We use ForgeRock to implement SSO MSA for different customers with large databases. We also use the solution to unify their system and dashboards.

The most valuable features of ForgeRock are social login and data protection. From an organization's point of view, data privacy is the most valuable feature of ForgeRock. Data should be protected in the right way in an organization. User data is everything in an organization, and if data hacking harms an organization's reputation.

ForgeRock is a very good product for security and meeting your compliance and automation requirements. Our IT team's workload has definitely reduced after implementing ForgeRock.

The solution's deployment should be made easier.

I have been using ForgeRock for nine or ten months.

The solution's stability has to be better, but it depends mainly on how the solution is deployed. Everything is linked to the deployment style. If the deployment is done properly, everything can be fixed automatically.

I rate the solution a seven out of ten for stability.

Around four to five users are using the solution in our organization.

I rate the solution ten out of ten for scalability.

The solution’s technical support is good.

On a scale from one to ten, where one is difficult and ten is easy, I rate the solution's initial setup a five out of ten.

The solution’s deployment takes more than two to three months. We need to install the identity gateway servers first, and based on the gateway servers, they have to initiate the proxy servers. Once the proxy servers are properly configured, I can start with my different application integration. The whole process itself stretches to two months. That's why it's a very lengthy procedure.

ForgeRock is an expensive solution.

We are using ForgeRock mostly for banks and universities. We are letting them use the self-registration page via social logins, having the consent to provide the data, and implementing the ease of logging into the system. So, this is how we are using the solution's CIAM.

Overall, I rate the solution an eight out of ten.

We are using ForgeRock for our CRM system.

In our company, we had some SQL legacy databases but with ForgeRock there is much more integration, including outside the system.

The solution could improve by adding more advertising and marketing.

I have been using ForgeRock for approximately one and a half years.

The solution is stable.

I rate the stability of ForgeRock an eight out of ten.

You are able to build on ForgeRock, it is scalable.

I rate ForgeRock an eight out of ten.

The support is good and prompt.

The initial setup of ForgeRock can be complex based on what kind of integration nodes we are connecting.

We did the deployment of ForgeRock in-house.

I rate ForgeRock a nine out of ten.

ForgeRock is basically an IAM tool and we use it for access to multiple resources or applications. It's basically an identity and access management tool. We are business partners with ForgeRock and I'm a security delivery analyst.

It's had a good impact and we've seen an increase in revenue. 

I like the ease of navigating, handling and managing the applications and end-user profiles. It's easy, convenient and affordable. 

ForgeRock can be a complex product that requires a lot of time to learn and  understand its real value. The issue is that when we're working in real-time scenarios for real-time projects, we might face challenges that we're not able to figure out ourselves. By the time we have real-time interaction with the customer, it can be awkward to go back to the documentation and try to figure it out. I'd like the solution to include ways of customizing or achieving our scenarios more simply. That could include simplified documentation within the tool rather than having to use a separate portal. If something were available within the tool, I would be happy.

I've been using this solution for close to three years. 

This is a neutral product in terms of stability. It's generally fine but sometimes there are issues which could be connected to the application rather than the product.

The solution scales up and down according to your needs.

We receive adequate support. Every time we reach out to them, they're there for us. Whether it's relevant documentation, guidance, or jumping on a call to troubleshoot issues. They're on top when it comes to customer support. 

The initial setup is easy but I would recommend having some knowledge on the container, where you deploy the applications, and how it's done.

ForgeRock is an open-source tool. You can download it directly via the browser. It's only when you want to use their extensive features, you might have to think about the pricing. ForgeRock is booming because it's an open-source tool and it provides good value. It's comparable to a licensed solution. We pay a maintenance fee. 

We initially used ForgeRock as a trial tool to test whether we could achieve all of our requirements. It was a good strategy for us. 

I rate the solution eight out of 10. 

We primarily use the solution for multiple clients and multiple implementations.

Fundamentally, we're not using ForgeRock as a single application Identity Management Solution. We need it for multiple clients, multiple implementations. Not all of them are necessarily a multi-tenant solution. We need a very versatile solution that can do a lot of work, but from a single instance that we can centralize authentications and we don't duplicate the efforts and that's where ForgeRock seems to do better.

We need some more time with the solution to really note if there are specific features that are missing. Currently, it's doing a good job of covering what we need.

We're worried about the scaling. We're told it will be okay and there won't be issues, however, I'm not 100% convinced.

We've signed the contract and yet we're still not going through the typical process, which is worrying.

We started using the solution a few months ago.

It's been only two, three months. So far, we haven't seen any issues and I'm not sure if we will have any issues in the next year or so. 

However, as we move, my biggest concern in the past and right now is when we start adding multiple clients to the same base setup. That's where I'm more worried about how it will take individual authentication versus claims level authentication. I wonder about how it's going to handle all of that. That's where I'm more worried. I'm patiently waiting for a few clients to be on the platform. 

I'm worried about the scalability of it. I'm not worried about the scalability itself. I'm sure it will scale. However, I'm concerned about what sorts of problems we'll run into when we start scaling the solution higher. Right now it's very low volume.

They have assured me it will be fine. We just got a new Account Manager assigned to my company and she's assured me that any such problems and they will be able will align with their standard scalability structures. She has assured me that if there are any issues, their team would jump in and make sure that our clients are not going to be impacted by any issues we might end up having.

We're still in the honeymoon phase with ForgeRock. Even though we have very small business interests with them today, they see that we plan on growing drastically over the next two years. Therefore, we have excellent support and we are now at a point where we are not calling tech support. We pick up a phone and call the Account Manager and they'll get everything resolved for us. We don't have to queue along with everybody else and go through a long process. Maybe it will be different once we are around for a while. However, since we are a growing account, we are an enterprise account, and the Account Manager is really new, we are being treated a little bit differently than regular customers. Obviously, I don't expect it to be this red carpet a year down the lane. That said, right now, it's very nice.

We did previously use a different solution. Scalability and consolidated implementation was one of the reasons we had the previous product. However, I can't even remember the name of it. With the previous product, the problem was we had to put a base set up for every client differently when it is not a multi-tenant solution. That was one of the reasons we switched to ForgeRock. Even though the implementations are not multi-tenant, we can re-route all the IT management through ForgeRock at this point in time.

The initial setup wasn't too complex. I didn't think it was any difficult. I sometimes believe I don't give enough credit to my team. Some of my team members have upwards of about 20 years experience in doing this. They're doing these types of implementations all of the time and they make it seem very easy. I haven't heard a single problem from them. They seem to have handled the entire process very well.

In terms of usage, it's not our standard cost. We're not doing it for our purpose. We have multiple clients we are looking at right now. We are at a very small number, however, the idea and the goal is to grow. We are looking at about $100,000 and $50,000 a minimum a month cost. That'd be minimum maybe in a couple of years. We expect that to double, at least based on how many solutions we scale to. The amount of money we spend on ForgeRock will depend on the number of clients we get. Right now it is on one product, so it is not that much currently. If we scale it to other products, that number will change drastically.

We are just customers. We don't have a business relationship with the solution.

I don't have the details in regards to which version of the solution we're using.

My advice to other potential users would be to not look at the cost savings when you scale. Instead, look at the issues you will run into when you scale. If you plan for scaling two years down the line, the mistake we made a couple of times in other solutions was that it was actually more expensive when you scale without the architecture properly done. Therefore, take the time to plan ahead.

Currently, I'd rate the solution at a seven. I'm a little worried that, even though we've signed the contract, we are being channeled through a couple of leaders rather than going through the regular process. I'm worried about how that new process is going to be for us.

One of my company's customers has already integrated ForgeRock and set up Splunk. We just did some simple configuration, but not much since our customer did it.

I use the tool for its single sign-on capabilities. With ForgeRock, we can enable single sign-on and multi-factor authentication features, as well as single-layer or two-layer multi-factor authentication and password-less authentication.

Basically, we enable multi-factor authentication when logging in to ForgeRock. With ForgeRock Access Management, we can access Splunk using single sign-on capabilities. If you need one more multi-factor authentication for Splunk, we can enable it for that particular application. We already enabled multi-factor authentication for ForgeRock Access Management. Users are authenticated through multi-factor authentication, so Splunk does not require one more such tool. If you want the improvements and prefer one more multi-factor authentication tool, then it is okay.

In the past, I saw that Splunk was integrated with a testing portal, and then it was integrated with Slack. I don't think ForgeRock directly supports integrations with Slack, making it an area where improvements are required.

I have been using ForgeRock for a year and a half. One of my company's customers uses the tool. My company implements and offers support for the tool.

I provide full support in the application integration for our customers.

I have used Splunk for CybeArk for one of my company's customers. I don't know of particular advantages in ForgeRock as such, but it helps reduce manpower and improve security, and then we can keep the environment stable.

The product's implementation phase is very easy, but a lot of customizations are required.

ForgeRock uses Splunk. ForgeRock's integration with Splunk is very easy and straightforward.

In terms of the tool's adaptive risk and intelligence features, I can say that it is an area that is time-based. In different regions, the working hours are different. We can configure the tool based on the timing and the work location.

In terms of the tool's operational efficiency, ForgeRock Access Management is used in a lot of environments, different regions, and in different stages of production environments. Manual monitoring is not possible, especially monitoring everything with the system memory and CPU memory, along with the user behaviors. Splunk easily monitors everything. From a business perspective, it will reduce risk and then reduce manpower. Splunk provides exact results and monitoring results to track a particular issue so we can easily identify the issue.

We usually receive alerts regarding high CPU utilization because of the high traffic we receive.

I can't comment on whether the tool helps in the area of predictive analytics or automated threat detection.

I recommend the product to others. I can also recommend products like CyberArk and Okta. Wherever we need to monitor the environment, specifically the cloud environment or on-prem one, I can suggest all the above-mentioned tools.

I rate the tool a nine out of ten.

There are multiple use cases including multi-factor authentication that enable more integration on the application stack. There's also the CIAM methodology with the single sign-on, the SAML integration and the federation for business to business. We are partners with ForgeRock and I'm an SME. 

The valuable feature of the product is that it's easy to customize and adaptable to any environment. We can use the leverage acknowledgment of an intellectual capture and make an out-of-the-box complex solution. 

Steep learning curve: As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively.

I've been using ForgeRock Access Manager for 22 years since Sun Microsystems released the source code of OpenAM from Iplanet-DSAME.

The solution is very scalable and offers three kinds of architecture; small, medium and large. That means you can start with one million users, and scale up to 10 million. The only limitation is the platform. 

The deployment is straightforward and doesn't take a lot of time. There's a lot of documentation available. It's a matter of defining the process. 

Once you know your needs, licensing is very flexible and adaptable with any kind of solution and works with any size of organization. 

This is a good product with good technology that's easy to integrate. Follow the best practice and it works well. 

I rate this product 10 out of 10. 

We are using off protocol to protect the application for multiple redirects and single redirects. We have multiple flows and from there an authentication perspective. We do have IDM in place to manage roles and also provisioning activities.

I like the way it is handling authentication and authorization.

I think the upgrade process is sometimes a little complicated and there are failures that occur.

I have been using ForgeRock for the past four years.

I have found ForgeRock to be stable.

The scalability of ForgeRock is not a problem. 

I have used technical support and they have a great team.

Positive

The support team is better than the other product we were using. If the support team is not good you have many issues.

The initial setup is not always straightforward. If we are looking to automate the process, that is not ready currently.  The time it takes to deploy is not a problem and is pretty easy.

I have also worked on Okta and PingFederate. I am comparing based on my experience with other products.

I would rate ForgeRock a nine out of ten.

We use the solution for the authorization and authentication of various applications.

The solution has the ability to handle a lot of users.

In an upcoming release, the solution could improve by limiting the need to do customizations.

I have been using the solution for more than three years. 

I find the solution to be stable, it has been working well. However, we have encountered some stability issues when we tried to upgrade. Normally we would have to reboot the server and occasionally have performance and tunning issues. The solution's stability during the upgrade should be improved.

The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users.

Whenever we experience an incident, we call everyone in the breach and the system owner expert will call the support of the solution. The support could improve because we sometimes have to repeat ourselves since the support is across different time zones.

The initial setup of the solution was quite complex because we tried to use it as a Single Sign-On with multiple applications or customers. 

The solution requires a vendor consultant for the implementation to make the right choices. 

The pricing of the solution is fair but I do not have the full details.

My advice to other users is to be careful about customizing the solution. If you customize the solution you will need good documentation and information that will have to be retained otherwise, there will be a knowledge gap. Especially if you use it for Single Sign-On or federated authentication and authorization. The more you customize it the more it will cause some issues when you are trying to upgrade. We have found in this particular instance if you do the customization you should have certain consistent standards. If you have this solution across multiple teams, there is no single party that has an overview of the code, and what ends up happening is there is too much customization making the upgrades difficult. However, this all depends on the business.

If we are using the solution in a certain way, especially the authorization with customization can cause problems. Every application might have a different way to authorize its functions in the area. However, the authentication is very straightforward. You have to be careful about customizing the solution, and how to sustain it across your teams. Every three to five years you will need to do an upgrade. Otherwise, you will not be supported. Most of us just treat it as a project, then we move on, and we do not use it until a few years later and then we run into large issues.

I rate ForgeRock a six out of ten.