HYPR ForgeRock Node

Extensions

HYPR and ForgeRock have partnered to deliver a True Passwordless authentication experience to the enterprise. The HYPR solution ensures that your users’ credentials always remain safe on personal devices. Eliminating centralized passwords enables HYPR to remove the target and provide a secure passwordless experience for your customers and employees.

By decentralizing user authentication, HYPR minimizes the risk of a breach, eliminates credential reuse, and enables enterprises to trust anyone.

Prerequisites

  • Have a deployed ForgeRock OpenAM 6.0+ instance deployed
  • Have a deployed HYPR Server with access to the HYPR Control Center (CC)
  • Have an application in CC created for ForgeRock

🚧

NEED HELP?

Contact HYPR or ForgeRock for any assistance in the deployment of HYPR or ForgeRock OpenAM.

Building from the Source

Contact HYPR for the HYPR Java SDK .jar, which is used by the HYPR Authentication Node.

πŸ‘

GITHUB REPO

https://github.com/HYPR-Corp-Public/HYPR-Forgerock-Authentication-Node

Issue the following Git commands:

$ git clone ...
$ cd Forgerock-Authentication-Node
$ mvn clean package

Installation

Follow these steps to install the HYPR Authentication Node to ForgeRock:

  1. Stop the instance of Tomcat hosting ForgeRock.
  2. Copy the HYPR node .jar file and the HYPR Java SDK .jar file to ../tomcat/webapps/openam/WEB-INF/lib/.
  3. Start the instance of Tomcat hosting ForgeRock.

Setup

With the HYPR Authentication Node deployed within the OpenAM installation you will be able to create an authentication tree which utilizes HYPR for authentication.

  1. Log into the OpenAM administrative console and navigate to Realm\Authentication\Trees.

  1. Select the authentication tree to include HYPR Authentication.

  2. Within the Authentication Tree you will see the HYPR Auth Initiator and HYPR Auth Decision nodes are available. The HYPR Auth nodes require the use of the Username Collector node to identify the user. Include these nodes in the tree in this order, as depicted in the image below:

    • Username Collector
    • HYPR Auth Initiator
    • HYPR Auth Decision

To configure these nodes you must click on the HYPR Auth Initiator and HYPR Auth Decision nodes individually. This will provide you the option to configure these nodes as required.

You will need the following information details for this configuration:

  • HYPR Base URL - https://example.hypr.com
  • Application ID - applicationId