ForgeRock Reviews

All of them:

• REST API (the best)
• Available connectors
• Roles
• Objects
• IoT readiness
• Assignments
• Flows, etc.

Automated provisioning and deprovisioning of users and customers. Also, integration into our portals for self-service. With this product, the design and implementation is done in-house. Lots of customizations are possible due to the powerful API.

Improve the software quality (bugs in new versions).

One year now.

No, except that new versions often have basic bugs, which should not be the case.

No, not at all.

Very good. Helped correctly. Bugs were fixed quickly.

Yes, the old product was too big, inflexible and complex.

I think straightforward.

Nothing.

Yes. Oracle, SailPoint, NetIQ, and Apache Syncope.

Check and design the used data model of the product to make sure you make the correct decisions for performance and functionality.

• Flexibility in the customisation.
• Out-of-the-box support for almost all authentication mechanisms/products.
• Hassle-free support to federation protocols (SAML can be enabled and configured in a few mouse clicks).

This is not directly applicable to me, as I work in the consulting service industry. However, I have seen how it's brought about improvements at our client locations. One of our clients wanted to have a solution with complicated authentication requirements (authenticate users from multiple sources and even from non-standard sources), and they approached several product vendors. ForgeRock was the only solution they found which fit their budget and time frame.

It has a promising roadmap and strategy. However, the product still needs to refactor and get rid of the dirty coding from its predecessor. I hope it will improve over time.

More than 10 years. I worked on its predecessor, Sun Java System Access Manager, as well.

Not with the version I’m reviewing. There were issues in previous versions but they were fixed over time.

I have never had any issues with scalability. It depends upon how we spec the environment as well.

It's awesome. Instant responses on support calls.

I used Oracle AM a little bit. Its configuration is a bit confusing and takes a long time.

As I said before, you can install and configure the product in a matter of a few minutes; it’s that easy.

I know it’s cheap compared to other leading AM products. You can even go for the Open Source version of the product if you are building it by yourself and don’t need the support and regular patches.

As I said, I work in the consulting/service industry, hence this is not directly applicable to me.

Just try it and get a feel for the product.

Integration with Identity repository and managing SAML2.0 SSO & Federation; provides a simple upgrade from Sun OpenSSO to OpenAM and ForgeRock OpenIDM; runs seamlessly with the Sun Identity Connector Framework; Unified Platform; lightweight Infrastructure; Connected Security; Developer-friendly AM solution.

The product was used mainly to migrate from Sun IAM suite. The integration has been smooth and the costs have been significantly reduced.

Reporting and Analysis capabilities seem to be less mature. 

Business strategic partnership model with multiple parties across marketing and sales needs improvement. 

Implementation, integration capabilities and support model are still evolving and posing a risk of poor quality.

3 years

Nothing significant.

I did, but I would rather blame my LDAP infrastructure. No significant issues with the product had been encountered that are worth mentioning.

No significant issues.

3; on a scale from 1-5 (1=worst, 5=best).

The key driver had been the migration from Sun IAM.

Migration involved analysis and solution design. The setup was of medium complexity.

The solution was implemented by a vendor. Level of required expertise was 3 on a scale from 1-5 (1=worst, 5=best).

Cost, increased time to market.

I evaluated Oracle Identity suite, TIM/TAM.

It may not have a complete suite of best-in-class IAM capabilities compared to some of the market leaders; however, they are maturing steadily and rapidly expanding the portfolio with OpenDJ and OpenIDM. It’s easy to configure and yes, it’s open source!

REST interface

Better Access Management

Less Oracle Java oriented.

Three years.

Not more then average.

Not more then average.

Not more then average.

Average.

Average.

Sun Access Manager, and we switched because SUN does not exist anymore.

Complex because of the customizations needed.

In house implementation.

We also looked at Oracle.

Start off with a pilot.

We are consultants who have deployed versions of the ForgeRock solution.

From a functionality point of view, it's a solid product. Of course, the customers always complain about the price.

The solution has some AI features. It works very well, especially in Identity and Access Management. It helps detect anomalies in user behavior patterns. It also suggests security roles and other ways of doing things based on industry best practices.

The price could be better. 

It looks like it's well funded, but the joining process with Ping Identity is a concern. It could take priority from a product point of view, which is a concern for customers.

In future releases, I would like to see easier integration with other solutions, like facial recognition and KYC solutions with de-dupe functionality and biometric onboarding. This would help complete the entire use case, especially from a customer identity management perspective.

I have been using this product for ten years or so. 

We are an implementer and supporter.

Overall, I would rate it an eight out of ten. 

We are like a big reference site in Africa, and they've already made a lot of deployments there. So, I would recommend it to everyone. 

Customization can be a difficult job.

I have been using ForgeRock for last three to four months. 

It is a customizable solution so if the customization is on track then it is stable. 

The technical support team is very good. 

Positive

I used Seapoint previously. 

As it is a new product I would rate it five out of ten.