Digital organizations face unprecedented challenges. There's incredible pressure to innovate ahead of the competition and deliver digital experiences that help to acquire, retain, and build loyalty with customers — all while fending off ever-present and increasingly sophisticated cyberthreats. A robust identity and access management (IAM) platform plays a pivotal role in transforming these challenges into achievable goals.
We are thrilled to introduce the latest evolution in the ForgeRock Identity Platform with the release of software version 7.4.
This update includes innovative features that will help our self-managed software customers elevate user experiences, expedite solution development, and enhance security. The ForgeRock Identity Platform 7.4 release includes:
- ForgeRock Access Management 7.4
- ForgeRock Identity Management 7.4
- ForgeRock Directory Services 7.4
- ForgeRock Identity Gateway 2023.9
- ForgeRock SDKs 4.2
Elevate user experiences
Latency is the enemy of the frictionless user experiences that keep employees productive and keep customers coming back. Delivering great experiences is central to the ForgeRock platform, and the latest release offers several features that reduce latency, perceived or actual, and ensure customer and workforce users have a seamless and enjoyable experience.
No one wants to wait in a long line, especially when it comes to using an application. Unfortunately, some legacy and protected applications can be slow to respond to requests for an available HTTP connection. This creates a queue of requests from all applications and inhibits the user experience even for those accessing other, unrelated applications.
That's why we've added the capability to control and limit the number of outbound HTTP requests waiting for an available HTTP connection to a protected application or API. This control limits the cascading effect of wait times created by slow responses, so it reduces user frustration due to unresponsive applications, ultimately delivering a better customer experience.
We've established that latency is an obstacle to a favorable user experience. Client-side (stateless) sessions simplify infrastructure and reduce client-perceived latency, thus enhancing user experience. However, client-side sessions are constrained by a 4kb cookie size limit that hampers an organization's ability to implement session-based client-side use cases. In the latest Identity Gateway release, organizations can now automatically split the client-side sessions over multiple cookies. This improves flexibility and ease of design by eliminating cookie size limitations, enabling use cases such as Post Data Preservation, so that developers can engineer better user experiences.
Expedite solution development
Expediting project delivery can be a key competitive advantage. However, projects often require customizations that slow delivery and make new features difficult to integrate, deliver, debug, and maintain.
For this reason, the 7.4 release incorporates significant enhancements to our identity orchestration engine that seamlessly integrate access management with identity management and enable developers to share code across journeys with a library of scripts.
For developers, the enhancements offer a number of benefits, including reduced duplication, less development work thanks to more out-of-the-box nodes, simplified code integration, lower maintenance overheads, easier debugging, and an overall increase in code stability. These features boost developer productivity, accelerate delivery of innovation, and expedite time to value for the business.
With data breaches and cyberthreats more prevalent than ever, security remains a top priority. Organizations need to ensure transactions are secured using strong cryptography. To this end, the 7.4 release provides the option to sign and verify data.
Signing generates a unique digital signature that is linked to the transaction data and serves as proof of identity. It can help to keep the data intact during transmission and execution, which ensures the authenticity, integrity, and non-repudiation of online transactions.
In addition to signing and verifying data, the 7.4 release offers the ability to store and retrieve privileged account credentials from vaults and rotate them without the need for a restart. This, coupled with ensuring nothing is stored in the clear (no plain-text credentials), enables fast and automatic rotation of privileged account credentials to deliver additional protection against security vulnerabilities associated with compromised passwords — without disruption to the business.
Another security feature of the 7.4 offers OAuth IP allowlisting. Organizations need to be able to control which clients are able to connect and receive access tokens. An allowlist approach enables a number of use cases, such as restricting the issuance of access tokens to clients that match a specific IP or list of IPs via custom scripting.
ForgeRock is fully committed to supporting all identities in any environment — whether the deployment is self-managed on-prem, hybrid cloud, or as-a-service. The ForgeRock Identity Platform 7.4 release empowers organizations to provide an unparalleled user experience, expedite project delivery, and strengthen security.
Many of the features in the 7.4 release are also currently available in the ForgeRock Identity Cloud. These capabilities support our existing cloud and hybrid customers, while offering organizations seeking a turnkey SaaS solution the same benefits available to our self-managed customers.
In addition to the features highlighted above, you can read about the many new 7.4 release capabilities in our release notes. To dig into the details, explore the full 7.4 product documentation for the 7.4 release and download the software today.