ForgeRock OpenIDM

Seamlessly managing customer lifecycles.

OpenIDM is provisioning and user administration solution, designed to manage user accounts in the enterprise as well as across cloud and mobile environments. With OpenIDM companies can automate user identity management in real time while complying with policies and regulatory requirements and adapting to today's identity relationship management (IRM) challenges at the same time.


Benefits and features of OpenIDM include:

  • Role-based provisioning: Companies can assign roles to users and manage them based on organizational requirements and characteristics such as job function, title, geographical location, etc.
  • Modular architecture: All services are designed as standalone modular resources. Users can plug in modules as required or swap out those they don’t need or want to replace with other systems. Java-based OpenIDM is designed to handle big-data requirements across both corporate and customer-facing systems. Users can choose from a number of available backend systems
  • REST API: Simple RESTful interfaces provide API for managing all main features of user admin, synching and reconciliation. Decoupled user interface enables customized solutions
  • Cloud Services: OpenIDM enables easy cloud access and provides resources for provisioning changes and aggregating data
  • Synchronization and Reconciliation: Synchronization allows for on-demand and scheduled resource comparisons. Changes to accounts, entitlements and passwords are easy to detect and synchronize. Reconciliation determines user access privileges by discovering new, changed, deleted or orphaned accounts
  • User Self-Service: This feature reduces helpdesk costs and increases productivity through automated password resetting and a centralized password policy. User self-service also enables a more efficient registration process and streamlines access requests
  • Workflow Engine: OpenIDM provides workflow templates to help companies define their business processes and workflows. The engine also enables workflow-driven provisioning activities, both for self-service actions and administration