Designing and Managing a ForgeRock® Identity Cloud Solution (IC-500)


Note: This course can only be delivered as a private event.


Students in the role of a ForgeRock® Identity Cloud (Identity Cloud) technical consultant learn how to interact with a customer, through instructor-provided customer use cases, to design and document an architectural IAM solution based on Identity Cloud and the integrations necessary to meet the given customer use case requirements presented in this course.

Students also learn how to create a plan for migrating an existing IAM solution to a production-ready Identity Cloud solution, including a strategy for migrating data, transitioning to a production environment, capturing monitoring and logging data, creating a performance baseline, and getting support.


Target Audiences

The target audiences for this course include:

  • ForgeRock Partners
  • ForgeRock Professional Services
  • ForgeRock Identity Cloud technical consultants


Objectives

Upon completion of this course, you should be able to:

  • Design an Identity Cloud identity and access management (IAM) architectural solution for a given set of customer IAM use cases
  • Create a plan for migrating an existing IAM solution to a production-ready Identity Cloud solution, including a strategy for migrating data and applications, transitioning to a production environment, capturing monitoring and logging data, creating a performance baseline, and getting support


Prerequisites

The following are the prerequisites for successfully completing this course:

  • Completion of the following ForgeRock University Identity Cloud courses and certification available at https://www.forgerock.com/support/university/forgerock-university:
    • IC-300: Getting Started With ForgeRock® Identity Cloud
    • FRX-IC-CPE: ForgeRock® Identity Cloud Certified Professional Exam
  • Recommended completion of the following courses:
    • IC-410: ForgeRock® Identity Cloud Deep Dive: Access Management
    • IC-420: ForgeRock® Identity Cloud Deep Dive: Identity Management
  • Basic knowledge of architecture and design concepts, and using office tools for creating spreadsheets, documents, and architectural drawings.
  • Knowledge of IAM concepts such as authentication, authorization, and federation with OAuth2/OIDC and SAML2, and other technologies such as JSON, JavaScript, REST, SQL, and LDAP would be helpful for understanding the examples; however, programming experience is not required.


Duration

2 days


Course Contents

Chapter 1: Designing a ForgeRock® Identity Cloud Solution

Design an Identity Cloud IAM architectural solution for a given set of customer IAM use cases.

Lesson 1: Gathering Requirements and Use Cases

Understand and document all relevant customer IAM requirements and use cases related to Identity Cloud:

  • Describe the Identity Cloud adoption framework guide
  • List example discovery questions for Data Modeling
  • List example discovery questions for Data Migration
  • List example discovery questions for User Journeys
  • List example discovery questions for Application Integration
  • List example discovery questions for Authorization
  • List example discovery questions for UIs and Theming
  • Gather Non-Functional Requirements

Lesson 2: Creating an Identity Cloud Data Model

Create an overall Identity Cloud data model to support the storage, access, and flow of identity objects and properties required to satisfy a customer’s Identity Cloud IAM use cases:

  • Describe the process for creating an Identity Cloud data model
  • Describe how to document the schema of an external data source
  • Document the schema of an external data source
  • Describe how to map an identity object and properties to a managed object
  • Map an identity object and properties to a managed object
  • Describe how to map custom properties to the Identity Cloud schema
  • Map custom properties to the Identity Cloud schema
  • Describe how to document the flow of objects and properties
  • Document the flow of attributes between Identity Cloud
  • Identify any Property Settings
  • Modify the Property Settings
  • Identify the password migration or pass-through strategy

Lesson 3: Defining Journeys

Conduct a high-level journey design that highlights each journey required to meet the authentication, registration, self-service, and other miscellaneous journey requirements of an IAM solution:

  • Describe a journey design process
  • List helpful references for designing and building journeys
  • Identify journey requirements

Lesson 4: Identifying Integration Points

Create an integration architecture between Identity Cloud and all on-prem or cloud external services:

  • Describe a process for creating an integration architecture
  • Describe the ForgeRock integration points
  • Describe the third-party integration points


Chapter 2: Managing an Identity Cloud Implementation Project

Create a plan for migrating an existing IAM solution to a production-ready Identity Cloud solution, including a strategy for migrating data and applications, transitioning to a production environment, capturing monitoring and logging data, creating a performance baseline, and getting support.

Lesson 1: Monitoring an Environment and Capturing Logs

Define a strategy for monitoring an Identity Cloud environment and capturing and storing both audit and server logs:

  • Set up a strategy for monitoring a deployment
  • Set up a strategy for capturing and storing audit logs
  • Set up a strategy for capturing and storing server logs

Lesson 2: Creating a Performance Baseline

Create a performance baseline for an Identity Cloud solution:

  • Define an approach to benchmarking
  • Describe the tools and techniques for benchmarking an environment

Lesson 3: Defining the Migration Strategy

Given that documentation has been gathered about the requirements, architecture, data model, and journeys, define the migration strategy for managing a successful Identity Cloud deployment:

  • An implementation approach for an Identity Cloud project
  • Manage project communication, resources, and responsibilities
  • Define a migration path for identity data and application configurations
  • Define and validate approach for porting customizations
  • Finalize the migration plan, staging, and timing

Lesson 4: Migrating Data and Applications to Identity Cloud

Migrate existing identity data and configuration data to Identity Cloud, and migrate applications that connect to Identity Cloud to authenticate, authorize, and depend on identity data:

  • Types of data and environments
  • Migrate data to Identity Cloud
  • Connect applications to Identity Cloud

Lesson 5: Transition to Live

Manage the process of transitioning from development to staging, pre-production tests and checks, and going live into production:

  • Describe the Identity Cloud promotion model
  • Plan and conduct testing before promotion to production
  • Prepare to go live

Lesson 6: Maintaining a Deployment

Maintain an Identity Cloud tenant deployment through ongoing evaluation of the tenant and getting support from various resources:

  • Manage ongoing administration tasks
  • Manage configuration changes in Identity Cloud
  • Review resources for obtaining advice
  • Describe how to stay up to date with releases