Hi,
We are using a ForgeRock Identity Platform deployment. Right now we are logging into the Platform Admin UI console using amAdmin.
But we want to change the process and allow users to log in with their AD usernames. The users are imported to IDM. However, the passwords are not imported. So ideally we would need an authentication journey flow to allow users to log in to the Platform Admin UI.
How should one go about this?
One approach I considered is to front the platform UI admin login with IG and, once the users are authenticated with a journey, do an HTTP POST to log them in to the platform UI using the amAdmin user. This can help with login, but it still doesn't help with accountability.
Or can we use the Delegated administration option effectively to allow normal users to log in as admins?