Unlock your full potential in IAM
This is Identitrain
Master Identity and Access Management with world-class training designed by experts who live it every day.
Led by practitioners, not theorists, our training gives you the skills to design, implement, and secure identity solutions that protect what matters most.
Choose Your Path to IAM Mastery
Built for Every IAM Professional
Training Designed by Practitioners, Proven in the Field
Join a Growing Community of IAM Experts
Upcoming
Courses
Certified Professional - PingOne Advanced Identity Cloud Exam Preparation
This course helps prepare students to take the Certified Professional - PingOne Advanced Identity Cloud exam, formerly known as the ForgeRock® Identity Cloud Certified Professional exam. This is accomplished by presenting students with information concerning exam contents, logistics, tips for preparing to take the exam, lab exercises to cover exam contents, and a sample exam that is representative of the exam, itself.
Upon completion of this course, you should be able to:
- Register to take the exam
- Prepare for the exam using recommended study materials
- Take the exam either remotely or at a Pearson Testing Center
The following are the prerequisites for successfully completing this course:
- Successful completion of the AIC-300 Getting Started With PingOne Advanced Identity Cloud for Administrators course
- Thorough understanding of all PingOne Advanced Identity Cloud documentation and Knowledge Base articles on Backstage
- 3-6 months of experience configuring and administering PingOne Identity tenants
- Working knowledge of OAuth 2.0, OpenID Connect and SAML v2.0
Course Contents
- Explain exam metrics and passing scores
- Provide an approach for responding to test questions
- Identify options for registering and taking the exam
- Describe testing center requirements
- Describe requirements for taking the exam online
- Show how to access exam results
- Review the exam details and requirements
- Explain exam topics and study areas
- Present the objectives covered in the exam
- Review important concepts associated with exam objectives
- Review sample questions associated with objectives
- Provide applicable materials for review
- Research topics which will be covered in the exam
- Navigate the PingOne Advanced Identity Cloud admin UI
- Describe PingOne Advanced Identity Cloud configuration settings
- Explain how to perform PingOne Advanced Identity Cloud related tasks
- Configure PingOne Advanced Identity Cloud related services
- Test a student’s knowledge of PingOne Advanced Identity Cloud
- Provide students with a representative exam experience
Certified Professional - PingOne Advanced Identity Cloud Exam Preparation
This course helps prepare students to take the Certified Professional - PingOne Advanced Identity Cloud exam, formerly known as the ForgeRock® Identity Cloud Certified Professional exam. This is accomplished by presenting students with information concerning exam contents, logistics, tips for preparing to take the exam, lab exercises to cover exam contents, and a sample exam that is representative of the exam, itself.
Upon completion of this course, you should be able to:
- Register to take the exam
- Prepare for the exam using recommended study materials
- Take the exam either remotely or at a Pearson Testing Center
The following are the prerequisites for successfully completing this course:
- Successful completion of the AIC-300 Getting Started With PingOne Advanced Identity Cloud for Administrators course
- Thorough understanding of all PingOne Advanced Identity Cloud documentation and Knowledge Base articles on Backstage
- 3-6 months of experience configuring and administering PingOne Identity tenants
- Working knowledge of OAuth 2.0, OpenID Connect and SAML v2.0
Course Contents
- Explain exam metrics and passing scores
- Provide an approach for responding to test questions
- Identify options for registering and taking the exam
- Describe testing center requirements
- Describe requirements for taking the exam online
- Show how to access exam results
- Review the exam details and requirements
- Explain exam topics and study areas
- Present the objectives covered in the exam
- Review important concepts associated with exam objectives
- Review sample questions associated with objectives
- Provide applicable materials for review
- Research topics which will be covered in the exam
- Navigate the PingOne Advanced Identity Cloud admin UI
- Describe PingOne Advanced Identity Cloud configuration settings
- Explain how to perform PingOne Advanced Identity Cloud related tasks
- Configure PingOne Advanced Identity Cloud related services
- Test a student’s knowledge of PingOne Advanced Identity Cloud
- Provide students with a representative exam experience
PingIDM Administration
Learn how to install and deploy PingIDM (IDM) in an on-prem or self-managed cloud environment to manage the lifecycle and relationship of digital identities. Topics include how to model identity objects in IDM, create connector configurations and synchronization mappings to manage the flow identity objects and properties with various external identity resources, manage workflows, and deploy IDM within a cluster. This course explores the identity management-related features in depth, how they work, and the configuration options available during implementation.
Note: Revision A of this course is based on version 8.0.1 of PingIDM.
Upon completion of this course, you should be able to:
- Provide an overview of the lab environment, model objects and identities, and set up the end-user UI with IDM
- Create and configure connections between external resources and IDM
- Synchronize identity data across multiple external resources, in real-time or by scheduling reconciliation events, and consolidate multiple identity data stores into one centralized identity store
- Install and deploy IDM in an on-prem or cloud provider Linux environment
The following are the prerequisites for successfully completing this course:
- Completion of the PingIDM Essentials course available at: https://backstage.pingidentity.com/university/on-demand/category/PING
- Basic knowledge and skills using the Linux operating system will be required to complete the labs.
- Basic knowledge of JSON, JavaScript, REST, Java, Groovy, SQL and LDAP would be helpful for understanding the examples; however, programming experience is not required.
Chapter 1: Building and Configuring the Prerequisites
Provide an overview of the lab environment, model objects and identities, and set up the end-user UI with IDM.
Lesson 1: Setting Up the Lab
Provide an overview of how to set up the lab environment:
- Install IDM
- Explore the auxiliary software
Lesson 2: Modeling Objects and Identities
Describe how to model objects and identities via REST:
- Introduce the Postman collection
- Run the Postman collection
Lesson 3: Setting Up the End-User UI
Describe how to configure the end-user UI:
- Install and configure the end-user UI
- Retrieve, compile and deploy the end-user UI
- Access the end-user UI
Chapter 2: Managing Connectors
Create and configure connections between external resources and IDM.
Lesson 1: Configuring Connectors With the IDM Admin UI
Create a connector configuration to connect to an external resource using the IDM admin UI:
- Connect external resources to IDM
- Create a connector configuration using the IDM admin UI
- Add a connector configuration for an external LDAP resource
- Add a CSV connector configuration
- Add a connector configuration to import device identities
Lesson 2: Configuring Connectors Over REST
Create a connector configuration in IDM over the REST interface:
- Create a connector configuration over REST
- Describe the core connector configuration settings
- Describe the object types and property mappings
- Use the scripted SQL connector
- Create a scripted SQL connector configuration
Chapter 3: Managing Synchronization and Reconciliation
Synchronize identity data across multiple external resources, in real-time or by scheduling reconciliation events, and consolidate multiple identity data stores into one centralized identity store.
Lesson 1: Performing Basic Synchronization
Describe how to use the IDM admin UI to create sync mappings to reconcile identities between IDM and an external resource:
- Create mappings to synchronize identity objects and properties
- Create a sync mapping from IDM to an external resource
- Add source and target properties to the sync mapping
- Add a correlation query and a situational event script
- Set the situational behaviors and run reconciliation
- Add a sync mapping from IDM to an LDAP server
- Describe the sync mapping from an LDAP server to IDM
- Add a sync mapping from an LDAP server to IDM
- Create a sync mapping to provision devices to the IDM repository
Lesson 2: Running Selective Synchronization and LiveSync
Filter objects that are synchronized and automate synchronization using LiveSync:
- Filter entries
- Run selective synchronization using filters
- Use LiveSync to synchronize changes
- Trigger LiveSync on a connector
- Schedule LiveSync
- Schedule LiveSync with an external resource
- Control synchronization to multiple targets
Lesson 3: Configuring Role-Based Provisioning
Automatically provision users to a set of LDAP groups based on role membership:
- Provision attributes to a target system based on static role assignments
- Enable role-based provisioning
- Query the role assignment properties using the REST interface
- Provision attributes to a target resource based on static role assignments
- Provision attributes to a target system based on dynamic role assignments
- Provision attributes to a target resource based on dynamic role assignments
- Add temporal constraints to a role
- Set temporal constraints on a role
Lesson 4: Configuring a Custom Endpoint
Describe how to configure a custom endpoint:
- Use a custom endpoint
- Create a custom endpoint (optional)
Chapter 4: Installing and Deploying IDM
Install and deploy IDM in an on-prem or cloud provider Linux environment.
Lesson 1: Installing an IDM instance
Install a stand-alone IDM instance for development and test the IDM sample configurations:
- Describe the basic IDM installation requirements
- Install and start IDM
- Install IDM
- Select MariaDB as a backend repository
- Describe how to start IDM with a sample configuration
- Start IDM with a sample configuration
- Describe how to configure IDM to run as a background process or service
- Configure IDM to run as a background process
Lesson 2: Monitoring and Troubleshooting
Describe how to set up monitoring and perform basic troubleshooting:
- Describe the monitoring options available for IDM
- Set up monitoring in IDM
- Describe the different IDM log files
- Examine the different log files in IDM (optional)
Lesson 3: Managing Passwords
Describe how to set up and fine-tune password policies and synchronizations in an IDM deployment:
- Describe password policies in IDM
- Set up password policies in IDM
- Describe password synchronization from DS into IDM
- Set up password synchronization from DS into IDM
PingOne Administration
This course gives learners the tools to get started with PingOne administration. It covers initial setup tasks, including creating and managing PingOne environments, application integration, and customization. This course also provides information on most common administration tasks, including user and group management, managing access policies, best practices, and troubleshooting of common issues.
Upon completion of this course, you should be able to:
- Summarize PingOne capabilities and key features, describe PingOne support resources, and create a new PingOne environment
- Demonstrate administration of PingOne user populations, user roles, attributes, and groups
- Demonstrate integration and troubleshooting of PingOne applications
- Demonstrate how to use access control policies within PingOne
- Describe how to manage the process of establishing a person’s identity and then using this identity in later transactions within PingOne
- Demonstrate troubleshooting techniques and best practices within PingOne
The following are the prerequisites for successfully completing this course:
- Completion of the following courses available at: https://backstage.forgerock.com/university/ping/on-demand/category/PING
- PingOne Fundamentals
- Introduction to PingOne MFA
- Getting Started With PingOne MFA
- Getting Started With PingOne SSO
- (Optional) Introduction to PingOne DaVinci
- Describe PingOne as a cloud-based IDaaS solution
- Describe PingOne environment solutions
- Create a new environment
- Locate Ping Identity support resources
Lesson 1: Managing Users and Populations
Describe how to manage users in PingOne, including how to create populations and add individual users:
- Review default users
- Edit default users
- Create populations
- Create a new population
- Create new users
- Create a new user
- Manage administrator roles
- Assign roles to administrators
- Understand user attributes
- Manage user attributes
- Manage user groups
- Manage user group memberships
Lesson 1: Describing the Supported Federation Protocols
- Understand federation protocols
- Add an application from the catalog
- Understand SAML2
- Add a custom SAML2 application
- Understand OAuth2
- Understand OIDC
- Add a custom OIDC application
- Administer the Application Portal
- Describe authentication failures
- Define SSO failures
- Describe attribute mapping errors
- Determine certificate issues
- Define group membership issues
- Describe application integration issues
- Define gateway access issues
- Describe best practices
Lesson 1: Managing Authentication Policies
- Describe authentication policies
- Create an authentication policy
- Define password policies
- Edit a password policy
- Describe MFA and FIDO policies
- Create an MFA policy
- Create a FIDO policy
Lesson 1: Managing User Onboarding
- Onboard users
- Create users manually
- Provision users
- Administer user accounts
- Manage a user account
- Offboard users
- Monitor activity and view reports
Chapter 6: Troubleshooting and Best Practices
Demonstrate troubleshooting techniques and best practices within PingOne.
- Introduce the troubleshooting process
- Understand common troubleshooting techniques
- Maintain a healthy PingOne environment
PingAccess Administration
This course provides the information you need to set up and configure PingAccess as a policy server to protect both web applications and APIs. After completing this course, you will know how to configure PingAccess in both a gateway and agent model, and configure different types of policies that PingAccess offers.
Upon completion of this course, you should be able to:
- Discover how to configure PingAccess as a reverse proxy, and connect PingAccess to a token provider (PingFederate)
- Configure PingAccess as a Reverse Proxy
- Configure policies in PingAccess to further bolster administration capabilities
The following are the prerequisites for successfully completing this course:
- Completion of the following courses:https://backstage.pingidentity.com/university/on-demand/category/PING
- Introduction to PingAccess
- Getting Started With PingAccess
- Introduction to PingFederate
- Getting Started With PingFederate
Chapter 1: Configuring and Connecting PingAccess
Discover how to configure PingAccess as a reverse proxy, and connect PingAccess to a token provider (PingFederate).
Lesson 1: Configuring PingAccess as a Reverse Proxy (Gateway Model)
Describe how to configure PingAccess as a reverse proxy (gateway model):
- Introduce the gateway model
- Enable PingAccess as a reverse proxy
- Configure PingAccess resources and rewrite rules
Lesson 2: Connecting PingAccess to a Token Provider (PingFederate)
Describe the responsibilities of token providers and how to configure PingAccess to use PingFederate as a token provider:
- Introduce token providers
- Configure OAuth2 in PingFederate
- Configure PingAccess using the gateway model
Chapter 2: Configuring PingAccess Applications, Agents, and Sites
Configure PingAccess as a Reverse Proxy.
Lesson 1: Protecting Web Apps
Describe how to protect web apps by configuring them with PingAccess and OpenID Connect (OIDC):
- Define the OIDC protocol
- Introduce web sessions
- Create a web session using OIDC claims
Lesson 2: Working With Sites
Create identity mappings and advanced web session:
- Create identity mappings and advanced web sessions
Lesson 3: Working With Rules and Policies
Describe how to work with rules and policies within PingAccess:
- Describe the rules and policies process
- Create web access rules
- Create API access control rules
Chapter 3: Configuring Policies and Administration
Configure policies in PingAccess to further bolster administration capabilities.
Lesson 1: Maintaining PingAccess Discuss how to maintain PingAccess through resources, audit logs, and redirection:
- Dive deeper into resources
- Examine audit logs
- Manage redirection
Lesson 2: Configuring PingAccess as a Policy Server (Agent Model)
Configure PIngAccess to be a policy server by implementing the agent model:
- Introduce the agent model
Lesson 3: Optimizing and Configuring PingAccess
Optimize PingAccess through configuration, single sign-on (SSO), and the admin API:
- Implement improvements
- Enable PingAccess administrator SSO
- Use the PingAccess administrative API
- Increase the JVM Heap Size
Lesson 4: Creating PingAccess Clusters
Create PingAccess clusters to increase resilience and simplify procedures:
- Deploy clustersConfigure simple clusters in PingAccess (Optional)
Getting Started With PingOne DaVinci
This course provides the foundation to design, build, and integrate identity orchestration flows using PingOne DaVinci (DaVinci). You will create user interactions, extend flows with APIs, and integrate these solutions into applications. You will also leverage core PingOne services like SSO, identity management, and analytics. Through hands-on labs and instruction, you will gain the skills to deploy real-world orchestration solutions with confidence.
Upon completion of this course, you should be able to:
- Build basic user interactions with DaVinci flows
- Integrate a DaVinci flow into an application
- Integrate PingOne single sign-on (SSO) and identities in DaVinci flows
- Build an authentication flow in DaVinci
- Provide custom analytics in a DaVinci flow
The following are the prerequisites for successfully completing this course:
- Basic understanding of JavaScript, HTML, CSS, and the PingOne Platform
- Completion of the Introduction to PingOne DaVinci course available at:
Chapter 1: Building Basic User Interactions With DaVinci Flows
Build basic user interactions with DaVinci flows.
Lesson 1: Defining the Basic Flow and Interaction Steps
Define the basic flow and provide an introduction to the foundational concepts of DaVinci:
- Introduce the PingOne Platform and DaVinci
- Access and launch the DaVinci admin console
- Understand Flows
- Build basic user interaction in a flow
Lesson 2: Using Functions and API Calls
Define the basic flow and provide an introduction to the foundational concepts of DaVinci:
- Extend DaVinci flows
- Verify the age of the user
- Make an API callCollect the user’s email and password
- Implement a robot check
- Document the flow
Lesson 3: Improving the User Experience
Use more advanced concepts in DaVinci to implement your flows:
- Improve the UI
- Convert user interactions to use HTML templates
Lesson 4: Using Variables and Form Validation
Expand further the functionality of your existing flow by using flow variables and improving interaction with the user:
- Incorporate variables
- Understand localizing flows
- Use flow variables and form validation
- Incorporate form validation
- Improve form validation inputs
- Troubleshoot issues
Lesson 5: Using Subflows to Manage Complexity
Externalize functionality that is often reused or complex to its own flow; for example, if the flow needed to connect to an API that isn’t available as a native connector, CRUD operations could be built in a new flow that could be leveraged by many:
- Create and use subflows
- Implement the subflow
- Replace the API call with the subflow
Chapter 2: Integrating a DaVinci Flow Into an Application
Integrate a DaVinci flow into an application.
Lesson 1: Integrating an Application to Launch a Flow
Integrate the flow into a web application which allows the application to provide the CSS (look and feel). Other flows can also be integrated to enable a richer user experience:
- Add a flow to a web application
- Create and customize the application
Lesson 2: Using a CSS in Flows vs Applications
Review how CSS is leveraged in a flow vs an application, and determine the advantages of leaving the presentation layer controlled by your application rather than using a CSS in your flow:
- Leverage a CSS
- Determine how a custom CSS in a flow is embedded with a web application
Lesson 3: Adding a Flow to an Existing Applicatio
Take the flow and integrate it into a web application:
- Embed flows using the widget method
- Import the DaVinci JavaScript library
- Create a JavaScript method to call the flow
Lesson 4: Integrating Non-UI Flows
Explore how DaVinci can accelerate development when integrating with backend services and APIs, enriching the overall user experience:
- Integrate a non-UI flow
- Build out your flow
- Integrate the flow
Lesson 5: Passing Data Into a Flow From an Application
Run through the process of passing data into a flow, whether it has user interaction or not:
- Enable dynamic flows
- Create and integrate a DaVinci subflow
Lesson 6: Performing A/B Testing
Define a flow that deals with age first, instead of name, during registration:
- Understand A/B testing
- Define a new flow
- Incorporate flow policies
- Build out a flow policy
Chapter 3: Integrating PingOne SSO and Identities in DaVinci Flows
Integrate PingOne SSO and identities in DaVinci flows.
Lesson 1: Setting Up Parallel Processing
Set up a flow that has two paths that execute in parallel and then come to their own conclusion:
- Implement parallel processing
- Leverage the PingOne Notification service
Lesson 2: Automating Flows With DaVinci Admin APIs
Learn how to manage DaVinci programmatically using the DaVinci Admin APIs:
- Understand DaVinci Admin APIs
- Explain administrator roles
Lesson 3: Creating Registered Accounts
Take the information collected during the registration process and create a user account in PingOne, which is the first step to expanding the capabilities of the application to support authentication:
- Create registered accounts
- Review your PingOne setup
- Build out a new registration flow
- Verify if an account already exists
Lesson 4: Verifying an Email Address
Establish a process to verify the email address of the user:
- Configure email verification
- Create an email verification subflow
- Complete the subflow
Chapter 4: Building an Authentication Flow in DaVinci
Build an authentication flow in DaVinci.
Lesson 1: Handling Authentication
Handle authentication for the application:
- Design and implement the authentication flow
- Design the flow logic
- Implement teleports for flow efficiency
- Authenticate and validate user identity
Lesson 2: Handling Forgotten Passwords
Handle forgotten password in the authentication flow:
- Manage password recovery flows
- Develop the end-to-end forgot password flow
Lesson 3: Adding an Authentication Method
Add another method of authentication, an email magic link, for the users of the application:
- Implement magic link authentication
- Add a magic link authentication method
Chapter 5: Providing Custom Analytics in a DaVinci Flow
Provide custom analytics in a DaVinci flow.
Lesson 1: Leveraging analytics to monitor flow usage
Implement custom analytics to track key business milestones and user behavior across DaVinci flows:
- Understand and apply flow analytics
- Configure authentication analysis