ForgeRock Nodes


HYPR and ForgeRock have partnered to deliver true passwordless authentication to the enterprise. Follow this guide to deploy HYPR with ForgeRock.


  • Have a ForgeRock OpenAM 6.0+ instance deployed
  • Have a deployed HYPR Server with access to the HYPR Control Center
  • Have an application in the Control Center created for ForgeRock


Contact HYPR or ForgeRock for any assistance in the deployment of HYPR or ForgeRock OpenAM.

Building from the Source

To build this node from the source you will need to contact HYPR for the HYPR Java SDK jar, which is used by the authentication node.


GitHub Repo:

$ git clone ...
$ cd Forgerock-Authentication-Node
$ mvn clean package 


To install the HYPR Authentication Node to ForgeRock you, follow these steps:

  1. Stop the instance of Tomcat hosting ForgeRock
  2. Copy the HYPR node .jar file and the hypr Java SDK jar file to ../tomcat/webapps/openam/WEB-INF/lib/
  3. Start the instance of Tomcat hosting ForgeRock


With the HYPR Authentication Node deployed within the OpenAM installation you will be able to create an authentication tree which utilizes HYPR for authentication.

Log into the OpenAM administrative console and navigate to: Realm\Authentication\Trees


Select the authentication tree onto which you want to include HYPR Authentication.

Within the Authentication Tree you will see the 'HYPR Auth Initiator' and 'HYPR Auth Decision' nodes are available. The HYPR Auth nodes require the use of the Username Collector node to identify the user.

Include these nodes in the tree in this order, as shown in the image below:

  1. Username Collector
  2. HYPR Auth Initiator
  3. HYPR Auth Decision

To configure these nodes you will need to click on the 'HYPR Auth Initiator' and 'HYPR Auth Decision' nodes individually. This will provide you the option to configure these nodes as required.

You will need the following information details for this configuration:

  1. HYPR Base URL -
  2. Application ID - applicationId