ForgeRock is basically an IAM tool and we use it for access to multiple resources or applications. It's basically an identity and access management tool. We are business partners with ForgeRock and I'm a security delivery analyst.
Technology Security Analyst at a tech services company with 10,001+ employees
Very easy to navigate, handle and manage applications
Pros and Cons
- "Easy to navigate, handle and manage the applications."
- "Lacks simplified documentation within the tool that requires use of a separate portal."
What is our primary use case?
How has it helped my organization?
It's had a good impact and we've seen an increase in revenue.
What is most valuable?
I like the ease of navigating, handling and managing the applications and end-user profiles. It's easy, convenient and affordable.
What needs improvement?
ForgeRock can be a complex product that requires a lot of time to learn and understand its real value. The issue is that when we're working in real-time scenarios for real-time projects, we might face challenges that we're not able to figure out ourselves. By the time we have real-time interaction with the customer, it can be awkward to go back to the documentation and try to figure it out. I'd like the solution to include ways of customizing or achieving our scenarios more simply. That could include simplified documentation within the tool rather than having to use a separate portal. If something were available within the tool, I would be happy.
Buyer's Guide
ForgeRock
November 2024
Learn what your peers think about ForgeRock. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
For how long have I used the solution?
I've been using this solution for close to three years.
What do I think about the stability of the solution?
This is a neutral product in terms of stability. It's generally fine but sometimes there are issues which could be connected to the application rather than the product.
What do I think about the scalability of the solution?
The solution scales up and down according to your needs.
How are customer service and support?
We receive adequate support. Every time we reach out to them, they're there for us. Whether it's relevant documentation, guidance, or jumping on a call to troubleshoot issues. They're on top when it comes to customer support.
How was the initial setup?
The initial setup is easy but I would recommend having some knowledge on the container, where you deploy the applications, and how it's done.
What was our ROI?
What's my experience with pricing, setup cost, and licensing?
ForgeRock is an open-source tool. You can download it directly via the browser. It's only when you want to use their extensive features, you might have to think about the pricing. ForgeRock is booming because it's an open-source tool and it provides good value. It's comparable to a licensed solution. We pay a maintenance fee.
What other advice do I have?
We initially used ForgeRock as a trial tool to test whether we could achieve all of our requirements. It was a good strategy for us.
I rate the solution eight out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Cyber Security Consultant at a tech company with 10,001+ employees
Reliable and useful for securing our system, but should be a little bit easier to implement
Pros and Cons
- "Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users."
- "It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement."
What is our primary use case?
We use this solution to manage the identity and access of users to SI and other applications of our company. We implement the identity of the users in that SI.
How has it helped my organization?
It secured our system so that it is accessed only by authorized people, and it implemented the SSO.
What is most valuable?
Their access management solution, OpenAM, is most valuable because it meets the needs of a lot of users.
What needs improvement?
It should be a little bit easier to implement. It is user-friendly, but there is always scope for improvement.
What do I think about the stability of the solution?
It is a reliable solution.
What do I think about the scalability of the solution?
It is scalable. We have scaled it.
In terms of the number of users, the whole company has to use ForgeRock to be able to connect to the company. For its administration, we have a team of five people. We don't have any plans to increase its usage.
How are customer service and technical support?
Their technical support is good.
Which solution did I use previously and why did I switch?
I have used SiteMinder and EmpowerID and a solution from Okta.
How was the initial setup?
Its implementation is a little bit complex. It took us between four to six months.
In terms of the implementation strategy, we identified the functional aspects and tried to see if it would meet the needs. After that, we implemented it in the Dev environment, and after that, we implemented it in the Production environment.
What about the implementation team?
I implemented it myself. It does require maintenance, and I handle its maintenance.
What's my experience with pricing, setup cost, and licensing?
Its licensing is on a yearly basis, but it also depends on the contract that you have with the vendor. They have multiple types of contracts.
There are additional costs to the standard licensing fees. If you need some of the features, you have to pay more.
What other advice do I have?
I would recommend this solution if it meets the needs of a company. It is a good solution. You have to implement it to see if it responds to your needs.
I would rate ForgeRock a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
ForgeRock
November 2024
Learn what your peers think about ForgeRock. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
System manager at Tribunal fédéral suisse
Enables us to define our systems but it is quite expensive
Pros and Cons
- "We create and define the permissions and configurations for the users."
- "I find that it's quite expensive for just an open-source system. Support is quite expensive."
What is our primary use case?
We use it to define the users in all of our systems like VMS and Samba. We don't use Windows, we use Samba. We create and define the permissions and configurations for the users.
How has it helped my organization?
We were using Solaris IDM system, Solaris sells an IDM system and there was a big migration telling us where to go. They told us to rewrite the IDM solution and we saw which other solutions there were out there. We found this solution and we found someone who could create a proof of concept and we decided to change from Solaris IDM to this. It has the same functionality.
What is most valuable?
In the beginning, it was open-source as opposed to other solutions like IBM. We used Solaris IDM and we had to merge with another product and we chose this because, in our company, open-source software is the main solution.
What needs improvement?
It's hard to speak with ForgeRock. It's very expensive. I find that it's quite expensive for just an open-source system. Support is quite expensive. We are only 300 users. It would make sense for a big company but for a little company, it's quite expensive.
For how long have I used the solution?
I have been using ForgeRock for around six to seven years.
What do I think about the stability of the solution?
The stability is quite good. As an IDM system, it's not so stressed. We create five or six users per month.
What do I think about the scalability of the solution?
I heard that it's good for big companies, with thousands of users use it but our company only has a few hundred users. We use little bits of the database. Scalability isn't a problem for us.
How are customer service and technical support?
I have contacted their support. It's quite good. Out of ten, I would rate it a seven.
What other advice do I have?
I would rate it a seven out of ten.
I would recommend trying it. Do a proof of concept. Every company is different. Management is different, you have to find a local company that can support you.
The interface is quite lively but I don't think that it's possible to have UI that's compatible with the rest of the company's. We only use the core of OpenIDM.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
ForgeRock Consultant at a tech services company with 11-50 employees
Very easy to customize and adaptable to any environment
Pros and Cons
- "Easy to customize and adaptable to any environment."
- "As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively."
What is our primary use case?
There are multiple use cases including multi-factor authentication that enable more integration on the application stack. There's also the CIAM methodology with the single sign-on, the SAML integration and the federation for business to business. We are partners with ForgeRock and I'm an SME.
What is most valuable?
The valuable feature of the product is that it's easy to customize and adaptable to any environment. We can use the leverage acknowledgment of an intellectual capture and make an out-of-the-box complex solution.
What needs improvement?
Steep learning curve: As with any complex software platform, there is a learning curve to using ForgeRock, and it may require specialized expertise to implement and manage effectively.
For how long have I used the solution?
I've been using ForgeRock Access Manager for 22 years since Sun Microsystems released the source code of OpenAM from Iplanet-DSAME.
What do I think about the scalability of the solution?
The solution is very scalable and offers three kinds of architecture; small, medium and large. That means you can start with one million users, and scale up to 10 million. The only limitation is the platform.
How was the initial setup?
The deployment is straightforward and doesn't take a lot of time. There's a lot of documentation available. It's a matter of defining the process.
What's my experience with pricing, setup cost, and licensing?
Once you know your needs, licensing is very flexible and adaptable with any kind of solution and works with any size of organization.
What other advice do I have?
This is a good product with good technology that's easy to integrate. Follow the best practice and it works well.
I rate this product 10 out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Sr. IAM Consultant at a marketing services firm with 10,001+ employees
Fantastic technical support team, excellent authentication capabilities, with quick deployment
Pros and Cons
- "I like the way it is handling authentication and authorization."
- "I think the upgrade process is sometimes a little complicated and there are failures that occur."
What is our primary use case?
We are using off protocol to protect the application for multiple redirects and single redirects. We have multiple flows and from there an authentication perspective. We do have IDM in place to manage roles and also provisioning activities.
What is most valuable?
I like the way it is handling authentication and authorization.
What needs improvement?
I think the upgrade process is sometimes a little complicated and there are failures that occur.
For how long have I used the solution?
I have been using ForgeRock for the past four years.
What do I think about the stability of the solution?
I have found ForgeRock to be stable.
What do I think about the scalability of the solution?
The scalability of ForgeRock is not a problem.
How are customer service and support?
I have used technical support and they have a great team.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
The support team is better than the other product we were using. If the support team is not good you have many issues.
How was the initial setup?
The initial setup is not always straightforward. If we are looking to automate the process, that is not ready currently. The time it takes to deploy is not a problem and is pretty easy.
Which other solutions did I evaluate?
I have also worked on Okta and PingFederate. I am comparing based on my experience with other products.
What other advice do I have?
I would rate ForgeRock a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: customer/partner
Managing Director at a tech services company with 1-10 employees
Solution has some AI features and works well for the users
Pros and Cons
- "It works very well, especially in Identity and Access Management. It helps detect anomalies in user behavior patterns."
- "In future releases, I would like to see easier integration with other solutions, like facial recognition and KYC solutions with biometric onboarding."
What is our primary use case?
We are consultants who have deployed versions of the ForgeRock solution.
What is most valuable?
From a functionality point of view, it's a solid product. Of course, the customers always complain about the price.
The solution has some AI features. It works very well, especially in Identity and Access Management. It helps detect anomalies in user behavior patterns. It also suggests security roles and other ways of doing things based on industry best practices.
What needs improvement?
The price could be better.
It looks like it's well funded, but the joining process with Ping Identity is a concern. It could take priority from a product point of view, which is a concern for customers.
In future releases, I would like to see easier integration with other solutions, like facial recognition and KYC solutions with de-dupe functionality and biometric onboarding. This would help complete the entire use case, especially from a customer identity management perspective.
For how long have I used the solution?
I have been using this product for ten years or so.
What about the implementation team?
We are an implementer and supporter.
What other advice do I have?
Overall, I would rate it an eight out of ten.
We are like a big reference site in Africa, and they've already made a lot of deployments there. So, I would recommend it to everyone.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Last updated: Jul 1, 2024
Flag as inappropriateLead IAM manager at a tech services company with 11-50 employees
Assists in managing all aspects of Identity Lifecycle Management
What needs improvement?
Customization can be a difficult job.
For how long have I used the solution?
I have been using ForgeRock for last three to four months.
What do I think about the stability of the solution?
It is a customizable solution so if the customization is on track then it is stable.
How are customer service and support?
The technical support team is very good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I used Seapoint previously.
What other advice do I have?
As it is a new product I would rate it five out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Head Of Service Management at a financial services firm with 501-1,000 employees
Scalable, stable, but complex installation
Pros and Cons
- "The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users."
- "In an upcoming release, the solution could improve by limiting the need to do customizations."
What is our primary use case?
We use the solution for the authorization and authentication of various applications.
What is most valuable?
The solution has the ability to handle a lot of users.
What needs improvement?
In an upcoming release, the solution could improve by limiting the need to do customizations.
For how long have I used the solution?
I have been using the solution for more than three years.
What do I think about the stability of the solution?
I find the solution to be stable, it has been working well. However, we have encountered some stability issues when we tried to upgrade. Normally we would have to reboot the server and occasionally have performance and tunning issues. The solution's stability during the upgrade should be improved.
What do I think about the scalability of the solution?
The solution is very scalable. We have a lot of users that have been increasing over the years that we have been using it. We have approximately 20,000 users.
How are customer service and technical support?
Whenever we experience an incident, we call everyone in the breach and the system owner expert will call the support of the solution. The support could improve because we sometimes have to repeat ourselves since the support is across different time zones.
How was the initial setup?
The initial setup of the solution was quite complex because we tried to use it as a Single Sign-On with multiple applications or customers.
What about the implementation team?
The solution requires a vendor consultant for the implementation to make the right choices.
What's my experience with pricing, setup cost, and licensing?
The pricing of the solution is fair but I do not have the full details.
What other advice do I have?
My advice to other users is to be careful about customizing the solution. If you customize the solution you will need good documentation and information that will have to be retained otherwise, there will be a knowledge gap. Especially if you use it for Single Sign-On or federated authentication and authorization. The more you customize it the more it will cause some issues when you are trying to upgrade. We have found in this particular instance if you do the customization you should have certain consistent standards. If you have this solution across multiple teams, there is no single party that has an overview of the code, and what ends up happening is there is too much customization making the upgrades difficult. However, this all depends on the business.
If we are using the solution in a certain way, especially the authorization with customization can cause problems. Every application might have a different way to authorize its functions in the area. However, the authentication is very straightforward. You have to be careful about customizing the solution, and how to sustain it across your teams. Every three to five years you will need to do an upgrade. Otherwise, you will not be supported. Most of us just treat it as a project, then we move on, and we do not use it until a few years later and then we run into large issues.
I rate ForgeRock a six out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free ForgeRock Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Access Management Identity Management (IM) Customer Identity and Access Management (CIAM)Popular Comparisons
Microsoft Entra ID
Okta Workforce Identity
Cloudflare SASE & SSE Platform
Auth0
Ping Identity Platform
F5 BIG-IP Access Policy Manager (APM)
CyberArk Identity
Amazon Cognito
Symantec Siteminder
OneLogin by One Identity
IBM Security Verify Access
Oracle Access Manager
SecureAuth Identity Platform
Buyer's Guide
Download our free ForgeRock Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which one is best: Quest One Identity Manager or Forgerock Identity Management
- What are the Top 5 cybersecurity trends in 2022?
- What are some tips for effective identity and access management to prevent insider data breaches?
- What are your best practices for Identity and Access Management (IAM) in the Cloud?
- What are security features to look out for when choosing a Customer Identity and Access Management solution?
- Why is identity and access management (IAM) so important in preventing data breaches?
- What access management tools would you recommend to help with GDPR compliance?
- Which is the best choice of Zero Trust Network Access (ZTNA)?
- When evaluating Access Management, what aspect do you think is the most important to look for?
- What are some tips for managing the identity lifecycle securely and effectively?