ForgeRock

ForgeRock Autonomous Identity API

REST API for the Autonomous Identity analytics platform that uses AI-driven analysis to determine confidence scores, predictions, and recommendations for entitlement assignments.

GitHub OpenAPI

Documentation

📖
Documentation
https://backstage.forgerock.com/docs/autonomous-identity/2022.11.0/api-guide/preface.html

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/forgerock/refs/heads/main/openapi/forgerock-autonomous-identity-openapi.yml

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/forgerock/refs/heads/main/capabilities/autonomous-identity-analytics.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/forgerock/refs/heads/main/capabilities/autonomous-identity-applications.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/forgerock/refs/heads/main/capabilities/autonomous-identity-company-view.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/forgerock/refs/heads/main/capabilities/autonomous-identity-entitlements.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/forgerock/refs/heads/main/capabilities/autonomous-identity-rules.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/forgerock/refs/heads/main/capabilities/autonomous-identity-users.yaml

OpenAPI Specification

forgerock-autonomous-identity-openapi.yml Raw ↑ 
openapi: 3.1.0
info:
  title: ForgeRock Autonomous Identity API
  description: >-
    REST API for the ForgeRock Autonomous Identity analytics platform. Uses
    AI-driven analysis powered by Apache Spark to determine confidence scores,
    predictions, and recommendations for entitlement assignments. Provides
    endpoints for accessing entitlements, rules, applications, company views,
    and analytics data.
  version: 2022.11.0
  contact:
    name: ForgeRock
    url: https://www.forgerock.com
  license:
    name: Proprietary
    url: https://www.forgerock.com/terms
  x-provider: forgerock
  x-api: autonomous-identity

servers:
  - url: https://{deployment}/autoid
    description: ForgeRock Autonomous Identity server
    variables:
      deployment:
        default: autoid.example.com
        description: The Autonomous Identity deployment hostname

security:
  - bearerAuth: []

tags:
  - name: Analytics
    description: Analytics pipeline status and results

  - name: Applications
    description: Query onboarded application data
  - name: Company View
    description: Company-wide analytics and dashboards
  - name: Entitlements
    description: Query entitlements and confidence scores
  - name: Rules
    description: Access entitlement assignment rules and justifications
  - name: Users
    description: Query user entitlement data and recommendations
paths:
  /api/entitlements:
    get:
      operationId: listEntitlements
      summary: ForgeRock List entitlements
      description: >-
        Query entitlements across all onboarded applications. Returns
        entitlement details with aggregated confidence score statistics.
      tags:
        - Entitlements
      parameters:
        - $ref: '#/components/parameters/PageSize'
        - $ref: '#/components/parameters/Offset'
        - name: application
          in: query
          description: Filter by application name
          schema:
            type: string
        - name: confidenceThreshold
          in: query
          description: Minimum confidence score threshold (0-100)
          schema:
            type: number
            minimum: 0
            maximum: 100
      responses:
        '200':
          description: List of entitlements with confidence data
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EntitlementList'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'

  /api/entitlements/{entitlementId}:
    get:
      operationId: getEntitlement
      summary: ForgeRock Get entitlement details
      description: >-
        Retrieve detailed information about a specific entitlement including
        confidence score distribution, assigned users, and driving attributes.
      tags:
        - Entitlements
      parameters:
        - name: entitlementId
          in: path
          required: true
          description: The entitlement identifier
          schema:
            type: string
      responses:
        '200':
          description: Entitlement details with analytics
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EntitlementDetail'
        '404':
          description: Entitlement not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'

  /api/entitlements/{entitlementId}/users:
    get:
      operationId: listEntitlementUsers
      summary: ForgeRock List users with entitlement
      description: >-
        List all users assigned to a specific entitlement with their
        individual confidence scores and driving attributes.
      tags:
        - Entitlements
      parameters:
        - name: entitlementId
          in: path
          required: true
          description: The entitlement identifier
          schema:
            type: string
        - $ref: '#/components/parameters/PageSize'
        - $ref: '#/components/parameters/Offset'
        - name: confidenceThreshold
          in: query
          description: Filter by minimum confidence score
          schema:
            type: number
      responses:
        '200':
          description: List of users with confidence scores
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/EntitlementUserList'

  /api/entitlements/{entitlementId}/recommendations:
    get:
      operationId: getEntitlementRecommendations
      summary: ForgeRock Get entitlement recommendations
      description: >-
        Retrieve recommendations for users who do not have the entitlement
        but should, based on their attribute data and the AI model's
        predictions.
      tags:
        - Entitlements
      parameters:
        - name: entitlementId
          in: path
          required: true
          description: The entitlement identifier
          schema:
            type: string
        - $ref: '#/components/parameters/PageSize'
        - $ref: '#/components/parameters/Offset'
        - name: confidenceThreshold
          in: query
          description: Minimum confidence score for recommendations
          schema:
            type: number
      responses:
        '200':
          description: Recommendations for the entitlement
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RecommendationList'

  /api/rules:
    get:
      operationId: listRules
      summary: ForgeRock List assignment rules
      description: >-
        Query entitlement assignment rules derived from the AI model.
        Rules explain why specific entitlements are assigned based on
        user attribute combinations.
      tags:
        - Rules
      parameters:
        - $ref: '#/components/parameters/PageSize'
        - $ref: '#/components/parameters/Offset'
        - name: entitlement
          in: query
          description: Filter by entitlement name
          schema:
            type: string
        - name: application
          in: query
          description: Filter by application name
          schema:
            type: string
      responses:
        '200':
          description: List of rules
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RuleList'

  /api/rules/{ruleId}:
    get:
      operationId: getRule
      summary: ForgeRock Get a rule
      description: Retrieve details of a specific assignment rule.
      tags:
        - Rules
      parameters:
        - name: ruleId
          in: path
          required: true
          description: The rule identifier
          schema:
            type: string
      responses:
        '200':
          description: Rule details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Rule'
        '404':
          description: Rule not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'

  /api/applications:
    get:
      operationId: listApplications
      summary: ForgeRock List applications
      description: >-
        Query onboarded applications in the Autonomous Identity platform.
      tags:
        - Applications
      parameters:
        - $ref: '#/components/parameters/PageSize'
        - $ref: '#/components/parameters/Offset'
      responses:
        '200':
          description: List of applications
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApplicationList'

  /api/applications/{applicationId}:
    get:
      operationId: getApplication
      summary: ForgeRock Get an application
      description: Retrieve details of a specific onboarded application.
      tags:
        - Applications
      parameters:
        - name: applicationId
          in: path
          required: true
          description: The application identifier
          schema:
            type: string
      responses:
        '200':
          description: Application details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Application'
        '404':
          description: Application not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'

  /api/users/{userId}/entitlements:
    get:
      operationId: listUserEntitlements
      summary: ForgeRock List user entitlements
      description: >-
        Retrieve all entitlements assigned to a specific user with their
        confidence scores and justification data.
      tags:
        - Users
      parameters:
        - name: userId
          in: path
          required: true
          description: The user identifier
          schema:
            type: string
        - $ref: '#/components/parameters/PageSize'
        - $ref: '#/components/parameters/Offset'
        - name: confidenceThreshold
          in: query
          description: Filter by minimum confidence score
          schema:
            type: number
      responses:
        '200':
          description: List of user entitlements with confidence scores
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/UserEntitlementList'

  /api/users/{userId}/recommendations:
    get:
      operationId: getUserRecommendations
      summary: ForgeRock Get user recommendations
      description: >-
        Get recommended entitlements for a user based on their attributes
        and the AI model's predictions.
      tags:
        - Users
      parameters:
        - name: userId
          in: path
          required: true
          description: The user identifier
          schema:
            type: string
        - $ref: '#/components/parameters/PageSize'
        - $ref: '#/components/parameters/Offset'
      responses:
        '200':
          description: Entitlement recommendations for the user
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RecommendationList'

  /api/companyview:
    get:
      operationId: getCompanyView
      summary: ForgeRock Get company view analytics
      description: >-
        Retrieve company-wide analytics including confidence score
        distributions, entitlement statistics, and risk metrics
        across the entire organization.
      tags:
        - Company View
      responses:
        '200':
          description: Company-wide analytics
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CompanyView'

  /api/analytics/status:
    get:
      operationId: getAnalyticsStatus
      summary: ForgeRock Get analytics pipeline status
      description: >-
        Retrieve the current status of the analytics pipeline, including
        training status, last run time, and pipeline health.
      tags:
        - Analytics
      responses:
        '200':
          description: Analytics pipeline status
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AnalyticsStatus'

  /api/analytics/reports:
    get:
      operationId: listAnalyticsReports
      summary: ForgeRock List analytics reports
      description: >-
        List available analytics reports from completed pipeline runs.
      tags:
        - Analytics
      parameters:
        - $ref: '#/components/parameters/PageSize'
        - $ref: '#/components/parameters/Offset'
      responses:
        '200':
          description: List of analytics reports
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AnalyticsReportList'

components:
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: Authentication token for Autonomous Identity API

  parameters:
    PageSize:
      name: maxResults
      in: query
      description: Maximum number of results to return
      schema:
        type: integer
        minimum: 1
        default: 25
    Offset:
      name: offset
      in: query
      description: Offset for pagination
      schema:
        type: integer
        minimum: 0
        default: 0

  schemas:
    EntitlementDetail:
      type: object
      description: Detailed entitlement with analytics data
      properties:
        id:
          type: string
        name:
          type: string
          description: Entitlement name
        description:
          type: string
        application:
          type: string
          description: Source application name
        totalUsers:
          type: integer
          description: Number of users with this entitlement
        averageConfidenceScore:
          type: number
          description: Average confidence score across all assignments
        confidenceDistribution:
          type: object
          description: Distribution of confidence scores
          properties:
            high:
              type: integer
              description: Assignments with confidence >= 80%
            medium:
              type: integer
              description: Assignments with confidence 50-79%
            low:
              type: integer
              description: Assignments with confidence < 50%
        drivingAttributes:
          type: array
          description: User attributes that most influence this entitlement assignment
          items:
            type: object
            properties:
              attribute:
                type: string
              weight:
                type: number

    EntitlementList:
      type: object
      properties:
        result:
          type: array
          items:
            $ref: '#/components/schemas/EntitlementDetail'
        totalResults:
          type: integer
        offset:
          type: integer

    EntitlementUserList:
      type: object
      properties:
        result:
          type: array
          items:
            type: object
            properties:
              userId:
                type: string
              userName:
                type: string
              confidenceScore:
                type: number
                description: Confidence score (0-100)
              drivingAttributes:
                type: object
                description: Attributes driving the confidence score
                additionalProperties:
                  type: string
        totalResults:
          type: integer

    RecommendationList:
      type: object
      description: Entitlement recommendations
      properties:
        result:
          type: array
          items:
            type: object
            properties:
              userId:
                type: string
              userName:
                type: string
              entitlementId:
                type: string
              entitlementName:
                type: string
              application:
                type: string
              confidenceScore:
                type: number
                description: Predicted confidence score
              drivingAttributes:
                type: object
                additionalProperties:
                  type: string
        totalResults:
          type: integer

    Rule:
      type: object
      description: An entitlement assignment rule from the AI model
      properties:
        id:
          type: string
        entitlement:
          type: string
          description: Entitlement this rule applies to
        application:
          type: string
        conditions:
          type: array
          description: Attribute conditions that define this rule
          items:
            type: object
            properties:
              attribute:
                type: string
              operator:
                type: string
                enum:
                  - equals
                  - contains
                  - startsWith
              value:
                type: string
        confidenceScore:
          type: number
          description: Confidence score for assignments matching this rule
        coverageCount:
          type: integer
          description: Number of users matching this rule

    RuleList:
      type: object
      properties:
        result:
          type: array
          items:
            $ref: '#/components/schemas/Rule'
        totalResults:
          type: integer

    Application:
      type: object
      description: An onboarded application
      properties:
        id:
          type: string
        name:
          type: string
        description:
          type: string
        totalEntitlements:
          type: integer
        totalUsers:
          type: integer
        averageConfidenceScore:
          type: number

    ApplicationList:
      type: object
      properties:
        result:
          type: array
          items:
            $ref: '#/components/schemas/Application'
        totalResults:
          type: integer

    UserEntitlementList:
      type: object
      properties:
        result:
          type: array
          items:
            type: object
            properties:
              entitlementId:
                type: string
              entitlementName:
                type: string
              application:
                type: string
              confidenceScore:
                type: number
              drivingAttributes:
                type: object
                additionalProperties:
                  type: string
              justification:
                type: string
                description: AI-generated justification for the assignment
        totalResults:
          type: integer

    CompanyView:
      type: object
      description: Company-wide analytics summary
      properties:
        totalUsers:
          type: integer
        totalEntitlements:
          type: integer
        totalApplications:
          type: integer
        averageConfidenceScore:
          type: number
        confidenceDistribution:
          type: object
          properties:
            high:
              type: integer
            medium:
              type: integer
            low:
              type: integer
        riskSummary:
          type: object
          properties:
            highRiskUsers:
              type: integer
              description: Users with many low-confidence assignments
            highRiskEntitlements:
              type: integer
              description: Entitlements with low average confidence
            outlierAssignments:
              type: integer
              description: Assignments that differ from peer groups

    AnalyticsStatus:
      type: object
      description: Analytics pipeline status
      properties:
        pipelineStatus:
          type: string
          enum:
            - idle
            - running
            - completed
            - failed
        lastRunTime:
          type: string
          format: date-time
        lastRunDuration:
          type: string
          description: Duration of the last pipeline run
        trainingStatus:
          type: string
          enum:
            - not_started
            - training
            - completed
            - failed
        predictionStatus:
          type: string
          enum:
            - not_started
            - running
            - completed
            - failed
        recommendationStatus:
          type: string
          enum:
            - not_started
            - running
            - completed
            - failed

    AnalyticsReportList:
      type: object
      properties:
        result:
          type: array
          items:
            type: object
            properties:
              id:
                type: string
              runDate:
                type: string
                format: date-time
              status:
                type: string
              totalEntitlementsProcessed:
                type: integer
              totalUsersProcessed:
                type: integer
              averageConfidenceScore:
                type: number
        totalResults:
          type: integer

    ErrorResponse:
      type: object
      properties:
        code:
          type: integer
        reason:
          type: string
        message:
          type: string