Common Services

One Platform to Rule Them All

We believe in a developer-friendly fellowship underpinning everything we do. Our identity services are shared across the entire platform to eliminate typical inefficiencies: no more hours spent reconciling multiple APIs, UIs, files, documentation, elves and squirrels, what have you.

The platform was designed from the ground up for realistic, human-grade scale. You have billions of identities? We have massive scale, session-failover, and high availability to match. All that’s left to consider is what to do with the time that is given to you.

Product Overview

Identity Platform in Short

Get the basics on our identity and access management solution

Analyst Report

Leader in Adaptive Authentication

KuppingerCole named ForgeRock a leader in the adaptive authentication space


Get the Details

Learn more about how you can secure access for, customers, applications and IoT

Get Started Here


Get the technical resources and documentation to get started with ForgeRock Common Services

Get Started here
REST Framework

Access web resources and collections of resources using the Common REST API.

DevOps Guide

Guide to ForgeRock Identity Platform™ deployment using DevOps techniques

Full Documentation

Complete ForgeRock Platform documentation

ForgeRock Technology Partner Program Forges On With VeriClouds

We launched the ForgeRock Trust Network Technology Partner Program in November 2017 with a clear goal in mind: to enable easier and more seamless integration of complementary technologies to the ForgeRock platform. With innovation at the heart of our work at ForgeRock, we knew we needed to make it simple and straightforward to evolve to meet our customers' needs, and we wanted to bring valuable new capabilities into the program.

Read More »

NYDFS Cybersecurity Regulation Mandates Multi-Factor Authentication

March 1st marked the moment at which financial services entities in New York must be in compliance with several sections of the New York Department of Financial Services (NYDFS) cybersecurity regulation, 23 NYCRR 500. The regulation, which seems to lean heavily on the NIST Cybersecurity Framework, is in response to “the ever growing threat posed to information and financial systems by nation-states, terrorist organizations and independent criminal actor

Read More »

My Perception of Identity

It’s day 11 of working as an intern at ForgeRock and I’m already amazed (dumbfounded) at the power digital identity has in the world. It’s incredibly important for businesses and consumers, and is literally everywhere in the digital realm. So many of us, though, don’t realize how identity comes into play in our online experiences hundreds of times every day. The capabilities and functions of digital identity still make my head spin because it’s relevant for every industry, company, user, device, and even things that haven’t been invented yet.

Read More »

Survey Report: Consumer Trust, Consent and Knowledge in the Age of Digital Identity

We're excited to release the summary report - and a new infographic - from a recent survey we ran in the US and Europe on consumer attitudes toward digital privacy and commercial data handling policies. Conducted by ComRes Global, the survey polled 8,000 consumers on their understanding of how their personal data and financial information is collected and managed by online entities including social media and retail organizations including Facebook, Twitter, Instagram, Amazon and others.

Read More »

Digital Finance World 2018 - GDPR, PSD2 and CIAM

We’re on our way to Frankfurt for KuppingerCole Digital Finance World 2018! It's an event that attracts many of the world’s brightest banking professionals and digital innovators, coming together to discuss the ongoing transformation of financial services. Thursday March 1st will be a particularly busy day for the ForgeRock team at the event. At noon I’m speaking on the “Impact of GDPR on CIAM” panel alongside iWelcome and  Ddaas.

Read More »

Implementing Delegated Administration with the ForgeRock 5.5 Platform
1 month ago
Out of the box in 5.5, IDM (ForgeRock Identity Management) has two types of users – basic end-users and all-powerful administrators. You often need a class of users that fall between these extremes – users which can trigger a password reset action but cannot redefine connector configuration, for example. Another common need is for users to only be allowed to […]
Jake Feasel
Enhancing User Privacy with OpenID Connect Pairwise Identifiers
1 month 1 week ago
This is a quick post to describe how to set up Pairwise subject hashing, when issuing OpenID Connect id_tokens that require the users sub= claim to be pseudonymous.  The main use case for this approach, is to prevent clients or resource servers, from being able to track user activity and correlate the same subject’s activity across different applications. OpenID Connect […]
Simon Moffatt
8 years old !
1 month 2 weeks ago
Happy anniversary ForgeRock! It’s been 8 years since you first shout at the world What an amazing journey since then… And it’s only the beginning This blog post was first published @, included here with permission.
Enhancing OAuth2 introspection with a Policy Decision Point
2 months ago
OAuth2 protection of resource server content, is typically either done via a call to the authorization service (AS) and the ../introspect endpoint for stateful access_tokens, or, in deployments where stateless access_tokens are deployed, the resource server (RS) could perform “local” introspection, if they have access to the necessary AS signing material.  All good.  The RS would valid scope values, token […]
Simon Moffatt
How Information Security Can Drive Innovation
2 months ago
Information Security and Innovation: often at two different ends of an executive team’s business strategy. The non-CIO ‘C’ level folks want to discuss revenue generation, efficiency and growth. Three areas often immeasurably enhanced by having a strong and clear innovation management framework. The CIO’s objectives are often focused on technical delivery, compliance, uploading SLA’s and more recently on privacy enablement […]
Simon Moffatt

An Identity Platform Built with the IoT, CIAM, and You in Mind

Digital Identity


Millions of customers use your digital services--whether cloud, mobile, or IoT. Protect their digital identities and consolidate customer information, so it's easy to create and personalize the customer experience. 


Their Things...

Cars, drones, street lights, gas pumps, wearables, medical devices...they all have a digital identity. With ForgeRock, you establish who these devices belong to, and decide how and with whom (or what) they interact. 


Their Choice.

Protect and respect privacy. With ForgeRock, you can let your customers share data selectively. Ask them what’s okay to share, how, when, and with whom. Put them in charge, and they’ll put their trust in you.

Get Started with the ForgeRock Identity Platform

Manage billions of digital identities on new cloud, mobile, and IoT services, all with one unified platform. Try it out today.