Getting Started With PingOne Advanced Identity Cloud for Administrators (AIC-330)

This course shows students how to administer PingOne Advanced Identity Cloud (Advanced Identity Cloud), formerly known as ForgeRock® Identity Cloud. This is achieved through the various online resources available to them, to a fully functional hands-on development environment, where they learn how to administer Advanced Identity Cloud in a training environment. Students are provided with a live Advanced Identity Cloud environment, where they learn the concepts and tasks necessary to successfully manage identities, applications, user journeys, and tenant configuration in their own Advanced Identity Cloud.


Target Audiences

The target audiences for this course include:

  • Advanced Identity Cloud Administrators
  • Technical users new to Advanced Identity Cloud and other Ping/ForgeRock products
  • Those new to Advanced Identity Cloud and considering taking the certification exam


Objectives

Upon completion of this course, you should be able to:

  • Describe how to access an Advanced Identity Cloud tenant as an administrator and understand UI integration options
  • Manage identities with the Advanced Identity Cloud admin UI and implement delegated administration to manage organizations and reset user passwords
  • Manage journeys, email templates used in journeys, and authentication sessions as an Advanced Identity Cloud administrator
  • Understand the use of Applications, synchronize identities between Advanced Identity Cloud and external applications, and explore how PingGateway, formerly known as ForgeRock® Identity Gateway, can protect web applications when it is integrated with Advanced Identity Cloud
  • Manage the configuration, monitor tenant activities, and perform common administration tasks for Advanced Identity Cloud tenants


Prerequisites

The following are the prerequisites for successfully completing this course:

  • Completion of the Product Essentials courses available at: https://backstage.forgerock.com/university/cloud-learning
    • PingAM Essentials
    • PingIDM Essentials
    • PingGateway Essentials
    • PingDS Essentials


Duration

3 days

Show details


Course Contents

Chapter 1: Accessing Advanced Identity Cloud

Describe how to access an Advanced Identity Cloud tenant as an administrator and understand UI integration options.

Lesson 1: Managing Administrators

Invite additional administrators using the Advanced Identity Cloud admin UI, which is an administrative interface to manage your tenant settings:

  • Introduce the Advanced Identity Cloud admin UI
  • Manage administrators
  • Invite an administrator

Lesson 2: Introducing UI Integration

Understand UI integration options:

  • Explain UI integration options
  • Configure themes for the Alpha and Bravo realms


Chapter 2: Administering Identities

Manage identities with the Advanced Identity Cloud admin UI and implement delegated administration to manage organizations and reset user passwords.

Lesson 1: Managing Identities

Manage user identities:

  • Introduce managed objects
  • Manage a user profile

Lesson 2: Adding Identities With Bulk Import

Bulk import user identities from a CSV file to add test users to your tenant:

  • Describe bulk import
  • Import test users

Lesson 3: Managing Organizations

Explain how an organization hierarchical structure can be used to model a brand hierarchy to control access to business applications:

  • Describe roles and privileges within an organization
  • Implement delegated administration for an organization model

Lesson 4: Delegating User Management

Explain how to delegate administration privileges to managed users:

  • Delegate administration privileges
  • Delegate password reset


Chapter 3: Managing User Journeys

Manage journeys, email templates used in journeys, and authentication sessions as an Advanced Identity Cloud administrator.

Lesson 1: Managing Journeys

Understand how journeys are used with Advanced Identity Cloud and how to import, export, and debug journeys:

  • Introduce journeys
  • Modify journeys
  • Describe how to export and import journeys
  • Export and import journeys
  • Describe how to debug a journey
  • Enable debug mode on a user journey

Lesson 2: Managing Server-Side Sessions

Understand how authentication sessions are used with Advanced Identity Cloud and how to invalidate server-side sessions:

  • Describe server-side sessions
  • Invalidate server-side sessions

Lesson 3: Configuring Email Templates

Understand the use of email templates in a journey flow:

  • Explore email templates and nodes
  • Configure email templates
  • Use email templates in user journeys


Chapter 4: Integrating With Advanced Identity Cloud

Understand the use of Applications, synchronize identities between Advanced Identity Cloud and external applications, and explore how PingGateway can protect web applications when it is integrated with Advanced Identity Cloud.

Lesson 1: Defining Applications

Describe the role of an application in Advanced Identity Cloud:

  • Introduce applications
  • Register a Bookmark app

Lesson 2: Synchronizing Identities

Connect to external resources using a Remote Connector Server (RCS), and synchronize identities between Advanced Identity Cloud and on-prem resources:

  • Explain how to connect to external resources
  • Configure an RCS cluster
  • Configure debug logging
  • Add an authoritative application
  • Explain synchronization
  • Create inbound mappings and run reconciliation
  • Synchronize passwords
  • Create a target Application with outbound mappings

Lesson 3: Protecting Web Resources

Demonstrate how PingGateway can protect a web application when it is integrated with Advanced Identity Cloud:

  • Introduce PingGateway
  • Integrate PingGateway with Advanced Identity Cloud
  • Integrate the PingGateway sample application with Advanced Identity Cloud


Chapter 5: Administering Your Tenant

Manage the configuration, monitor tenant activities, and perform common administration tasks for Advanced Identity Cloud tenants.

Lesson 1: Managing the Configuration

Explain how to create service accounts to use the REST API endpoints, create a baseline configuration repository for developers, manage ESVs, and understand the promotion process:

  • Introduce Service Accounts
  • Create and manage a service account
  • Introduce the Advanced Identity Cloud REST API
  • Display Advanced Identity Cloud identities using the REST API
  • Introduce configuration management
  • Create a baseline configuration repository
  • Describe how to manage ESVs
  • Create and call ESV variables
  • Promote your configuration

Lesson 2: Monitoring Tenant Activities

Explore and retrieve log data using the REST API and the Frodo CLI, monitor tenant activities, and visualize monitoring metrics using Prometheus and Grafana:

  • Explore Logs
  • Retrieve log data using the REST API
  • Retrieve log data using the Frodo CLI
  • Monitor your tenant
  • Monitor tenant health and visualize monitoring metrics
  • Explore the Advanced Identity Cloud analytics dashboard

Lesson 3: Managing Password Policies

Explain how an Advanced Identity Cloud administrator manages realm password policies:

  • Manage realm password policies
  • Configure password policies

Lesson 4: Additional Administration Tasks

Understand additional tasks that an Advanced Identity Cloud administrator should be aware of:

  • Introduce outbound static IP addresses
  • View outbound static IP addresses
  • Manage tenant certificates
  • Add a custom domain name
Download With Schedule Download Without Schedule