Tuesday, 27 August 2019

Understanding Object Relationships in ForgeRock IDM.

Object Relationships - a quick walk-through and exercise

Exercise summary: Create a managed object called Organization, establish
bidirectional many-to-many relationships to managed users, and study the
behavior in the UI and the assignments to users.


IDM has supported relationships between managed objects for the past couple of
releases. When IDM 6.0 was launched way back (IDM is currently at version 7.0),
significant effort went into performance enhancements for deployments that use
an RDBMS as the repository.

In the past, relationships between objects were somewhat non-intuitive to
configure. In current releases they are easy and intuitive to configure.


In this exercise we will create a new managed object called Organization and
create a relationship to managed users.


  1. Create the managed object Organization.

  2. Let's study the member property in more detail, as it defines the actual relationship back to the managed user.

An enhancement made in IDM 6.0, and applicable to all subsequent versions, is that when you create a relationship, the managed user object is actually updated with the back-referencing attribute.


  3. Now create two organizations: Sales and Human Resources. No need to assign members at this point.


  4. Now create a bunch of users and assign organizations via Configure->manage users.
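
The object model built in the steps above is stored as relationship properties in IDM's managed object configuration (managed.json). As an added example, not part of the original post: a Python check, run over a constructed and trimmed configuration, that each side of the Organization/user relationship names the other as its reverse property. The property names `members` and `organizations` and both function names are assumptions.

```python
import json

# Constructed sample: a trimmed managed.json holding only the relationship
# properties. The names "members" and "organizations" are assumptions.
MANAGED_JSON = """
{"objects": [
  {"name": "organization", "schema": {"properties": {
    "name": {"type": "string"},
    "members": {"type": "array", "items": {
      "type": "relationship",
      "reverseRelationship": true,
      "reversePropertyName": "organizations",
      "resourceCollection": [{"path": "managed/user", "label": "User",
        "query": {"queryFilter": "true", "fields": ["userName"]}}]}}}}},
  {"name": "user", "schema": {"properties": {
    "organizations": {"type": "array", "items": {
      "type": "relationship",
      "reverseRelationship": true,
      "reversePropertyName": "members",
      "resourceCollection": [{"path": "managed/organization", "label": "Organization",
        "query": {"queryFilter": "true", "fields": ["name"]}}]}}}}}
]}
"""

def relationship_items(prop):
    """Return the relationship definition of a property, or None."""
    items = prop.get("items", prop)  # array => "many" side, plain => single reference
    return items if items.get("type") == "relationship" else None

def check_reverse_relationships(config):
    """List every bidirectional relationship whose far side does not point back."""
    objects = {o["name"]: o["schema"]["properties"] for o in config["objects"]}
    problems = []
    for obj_name, props in objects.items():
        for prop_name, prop in props.items():
            rel = relationship_items(prop)
            if not rel or not rel.get("reverseRelationship"):
                continue
            for target in rel["resourceCollection"]:
                far_name = target["path"].split("/", 1)[1]
                far_prop = objects.get(far_name, {}).get(rel["reversePropertyName"], {})
                far = relationship_items(far_prop) or {}
                paths = [t["path"] for t in far.get("resourceCollection", [])]
                if far.get("reversePropertyName") != prop_name or f"managed/{obj_name}" not in paths:
                    problems.append(f"{obj_name}.{prop_name} -> {far_name}.{rel['reversePropertyName']}")
    return problems

if __name__ == "__main__":
    print(check_reverse_relationships(json.loads(MANAGED_JSON)) or "relationships are consistent")
```

An empty result means both sides agree; a listed entry names a relationship whose back-reference is missing or mismatched on the other object.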


And there we have it! By following these simple steps, an organization unit has now been created and we can easily assign users to it. Of course, this opens up endless possibilities for modelling your custom data model within IDM and for traversing these relationships. Should you have any questions on this matter, feel free to leave comments below.

-= Over and Out =-
