User-Managed Access

Secure Delegated Authorization that Builds Privacy, Consent and Trusted Relationships

Privacy regulations, like GDPR, impact all organizations holding personally identifiable information. Void of compliance, organizations can suffer disastrous repercussions  in the form of  enormous fines and even imprisonment of executives. Further, lax privacy practices can cost an organization reputation and ultimately consumer trust. But new regulations don’t have to bring only doom and gloom. Savvy businesses can leverage these regulations as a way to build trust with their customers.

Organizations can opt for a contextual privacy methodology which takes the burden away from the business and puts it into the hands of the consumer – ultimately building trusted relationships necessary for successful digital transformation.

User-Managed Access, UMA, gives your customers and employees a convenient way to determine who and what gets access to personal data, for how long, and under what circumstances.  Users delegate access through a simple “Share” button in your app, and can monitor and manage sharing preferences all through a central console.

Do More With User-Managed Access
Product Brief

Learn how UMA can help you protect user privacy with a simple user experience

Customer Identity

The Guide to Trusted Digital Relationships with Customer Identity and Access Management (CIAM)


IoT and other new technologies require modern solutions like UMA for privacy and consent

No More Data About You, Without You

With UMA, sharing information is simple. While there are a few consent tools out there that go beyond the post-compliance opt-in and opt-out checkboxes, they are proprietary, thus limiting sharing capabilities to within the organization. Other privacy and consent tools lack options to empower consumers, such as granular access controls to determine who can do what with their data, the ability to revoke data access at will, and the security needed to prove who is accessing data.

Get Started Here

Get the technical resources and documentation to get started with ForgeRock User-Managed Access

Technical Resources
User-Managed Access (UMA) 2.0 Guide

Guide to configuring and using UMA features in ForgeRock Access Management.

Customizing UMA

Guide to Extending UMA Services with custom functionality to fit your deployment

Access Management Guide

Full Access Management documentation.

ForgeRock Technology Partner Program Forges On With VeriClouds

We launched the ForgeRock Trust Network Technology Partner Program in November 2017 with a clear goal in mind: to enable easier and more seamless integration of complementary technologies to the ForgeRock platform. With innovation at the heart of our work at ForgeRock, we knew we needed to make it simple and straightforward to evolve to meet our customers' needs, and we wanted to bring valuable new capabilities into the program.

Read More »

NYDFS Cybersecurity Regulation Mandates Multi-Factor Authentication

March 1st marked the moment at which financial services entities in New York must be in compliance with several sections of the New York Department of Financial Services (NYDFS) cybersecurity regulation, 23 NYCRR 500. The regulation, which seems to lean heavily on the NIST Cybersecurity Framework, is in response to “the ever growing threat posed to information and financial systems by nation-states, terrorist organizations and independent criminal actor

Read More »

My Perception of Identity

It’s day 11 of working as an intern at ForgeRock and I’m already amazed (dumbfounded) at the power digital identity has in the world. It’s incredibly important for businesses and consumers, and is literally everywhere in the digital realm. So many of us, though, don’t realize how identity comes into play in our online experiences hundreds of times every day. The capabilities and functions of digital identity still make my head spin because it’s relevant for every industry, company, user, device, and even things that haven’t been invented yet.

Read More »

Survey Report: Consumer Trust, Consent and Knowledge in the Age of Digital Identity

We're excited to release the summary report - and a new infographic - from a recent survey we ran in the US and Europe on consumer attitudes toward digital privacy and commercial data handling policies. Conducted by ComRes Global, the survey polled 8,000 consumers on their understanding of how their personal data and financial information is collected and managed by online entities including social media and retail organizations including Facebook, Twitter, Instagram, Amazon and others.

Read More »

Digital Finance World 2018 - GDPR, PSD2 and CIAM

We’re on our way to Frankfurt for KuppingerCole Digital Finance World 2018! It's an event that attracts many of the world’s brightest banking professionals and digital innovators, coming together to discuss the ongoing transformation of financial services. Thursday March 1st will be a particularly busy day for the ForgeRock team at the event. At noon I’m speaking on the “Impact of GDPR on CIAM” panel alongside iWelcome and  Ddaas.

Read More »

Implementing Delegated Administration with the ForgeRock 5.5 Platform
1 month ago
Out of the box in 5.5, IDM (ForgeRock Identity Management) has two types of users – basic end-users and all-powerful administrators. You often need a class of users that fall between these extremes – users which can trigger a password reset action but cannot redefine connector configuration, for example. Another common need is for users to only be allowed to […]
Jake Feasel
Enhancing User Privacy with OpenID Connect Pairwise Identifiers
1 month 1 week ago
This is a quick post to describe how to set up Pairwise subject hashing, when issuing OpenID Connect id_tokens that require the users sub= claim to be pseudonymous.  The main use case for this approach, is to prevent clients or resource servers, from being able to track user activity and correlate the same subject’s activity across different applications. OpenID Connect […]
Simon Moffatt
8 years old !
1 month 2 weeks ago
Happy anniversary ForgeRock! It’s been 8 years since you first shout at the world What an amazing journey since then… And it’s only the beginning This blog post was first published @, included here with permission.
Enhancing OAuth2 introspection with a Policy Decision Point
2 months ago
OAuth2 protection of resource server content, is typically either done via a call to the authorization service (AS) and the ../introspect endpoint for stateful access_tokens, or, in deployments where stateless access_tokens are deployed, the resource server (RS) could perform “local” introspection, if they have access to the necessary AS signing material.  All good.  The RS would valid scope values, token […]
Simon Moffatt
How Information Security Can Drive Innovation
2 months ago
Information Security and Innovation: often at two different ends of an executive team’s business strategy. The non-CIO ‘C’ level folks want to discuss revenue generation, efficiency and growth. Three areas often immeasurably enhanced by having a strong and clear innovation management framework. The CIO’s objectives are often focused on technical delivery, compliance, uploading SLA’s and more recently on privacy enablement […]
Simon Moffatt

An Identity Platform Built with the IoT, CIAM, and You in Mind

Digital Identity

Your Customers...

Millions of customers use your digital services--whether cloud, mobile, or IoT. Protect their digital identities and consolidate customer information, so it's easy to create and personalize the customer experience. 


Their Things...

Cars, drones, street lights, gas pumps, wearables, medical devices... they all have a digital identity. With ForgeRock, you establish who these devices belong to, and decide how and with whom (or what) they interact.


Their Choice.

Protect and respect privacy. With ForgeRock, you can let your customers share data selectively. Ask them what’s okay to share, how, when, and with whom. Put them in charge, and they’ll put their trust in you.

Get Started with the ForgeRock Identity Platform

Manage billions of digital identities on new cloud, mobile, and IoT services, all with one unified platform. Try it out today.