About OpenICF and OpenICF connectors

The ForgeRock Open Identity Connector Framework (OpenICF) provides interoperability between identity, compliance, and risk management solutions. An OpenICF connector enables provisioning software, such as IDM, to manage the identities that are maintained by a specific identity provider.

OpenICF connectors provide a consistent layer between identity applications and target resources, and expose a set of operations for the complete lifecycle of an identity. The connectors provide a way to decouple applications from the target resources to which data is provisioned.

OpenICF focuses on provisioning and identity management, but also provides general purpose capabilities, including authentication, create, read, update, delete, search, scripting, and synchronization operations. Connector bundles rely on the OpenICF Framework, but applications remain completely separate from the connector bundles. This lets you change and update connectors without changing your application or its dependencies.

Many connectors have been built within the OpenICF framework, and are maintained and supported by ForgeRock and by the OpenICF community. However, you can also develop your own OpenICF connector, to address a requirement that is not covered by one of the existing connectors. In addition, OpenICF provides two scripted connector toolkits, that let you write your own connectors based on Groovy or PowerShell scripts.

The OpenICF framework can use IDM, Sun Identity Manager, and Oracle Waveset connectors (version 1.1), and can use ConnID connectors up to version 1.4.

This guide provides the following information: