As you probably know ForgeRock’s
OpenAM Access Manager (AM) supports OAuth2 out of the box. Great but you may be asking, “what is OAuth2?”.
OAuth2 is an authorization framework that can be used to allow a resource owner (typically the end user) to grant access (authorization) to a third-party (client). You’ve used OAuth when you logged into a website with your Google or Facebook credentials.
OAuth 2 is the protocol that makes specifications such as User Managed Access (UMA) possible.
ForgeRock has made it tremendously easy to deploy an Authorization Server and/or an OAuth Client right out of the box (as seen in the screencast below):