🧰 Tools
πŸ”PKCE πŸ“œSAML πŸ”—URL ⏰Time 🎫JWT πŸš€REST πŸ“YAML πŸ”„XML πŸ”€B64 πŸ”’ROT47 πŸ—οΈForgeRock

Build ForgeRock URLs for OAuth 2.0, Journeys, IDM, and SAML

Authorization URL:
Token Endpoint:
πŸ“‹ Other Common OAuth 2.0 Endpoints

UserInfo: {base_url}/oauth2{realm_path}/userinfo

JWKS URI: {base_url}/oauth2{realm_path}/connect/jwk_uri

Discovery: {base_url}/oauth2{realm_path}/.well-known/openid-configuration

Introspect: {base_url}/oauth2{realm_path}/introspect

Revoke: {base_url}/oauth2{realm_path}/token/revoke

Journey Authentication URL:
cURL Example:
πŸ“‹ Other Common AM Endpoints

Session Validate: POST {base_url}/json/sessions/{tokenId}?_action=validate

Session Logout: POST {base_url}/json/sessions/?_action=logout

Policy Evaluate: POST {base_url}/json{realm_path}/policies?_action=evaluate

Server Info: GET {base_url}/json/serverinfo/*

IDM Query URL:
cURL Example:
πŸ“‹ Other Common IDM Endpoints

Reconciliation: POST {base_url}/openidm/recon?_action=recon&mapping={mapping-name}

Sync Specific: POST {base_url}/openidm/sync?_action=performAction&reconId={reconId}&action={action}

Create Object: POST {base_url}/openidm/{object-type}?_action=create

Update Object: PUT {base_url}/openidm/{object-type}/{id}

Patch Object: PATCH {base_url}/openidm/{object-type}/{id}

Delete Object: DELETE {base_url}/openidm/{object-type}/{id}

Relationships: GET {base_url}/openidm/{object-type}/{id}/{relationship-field}?_queryFilter=true

SAML SSO URL:
πŸ“‹ Other Common SAML Endpoints

SP Metadata: {base_url}/saml2/jsp/exportmetadata.jsp?realm={realm}&entityid={sp-entity-id}

IdP Metadata: {base_url}/saml2/jsp/exportmetadata.jsp?realm={realm}&entityid={idp-entity-id}

Single Logout (SP): {base_url}/SSORedirect/metaAlias{realm_path}/{sp-name}?binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect

Single Logout (IdP): {base_url}/IDPSloRedirect/metaAlias{realm_path}/{idp-name}?binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect

Assertion Consumer (POST): {base_url}/Consumer/metaAlias{realm_path}/{sp-name}

Assertion Consumer (Artifact): {base_url}/Consumer/metaAlias{realm_path}/{sp-name}?binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact

ℹ️ What is the ForgeRock URL Builder?

ForgeRock products use complex URL structures for OAuth 2.0, authentication journeys, IDM queries, and SAML SSO. This tool helps you generate correct URLs without memorizing the exact syntax.

Key Features:

  • OAuth 2.0 authorization URLs with automatic PKCE generation
  • ForgeRock Journey/Tree authentication endpoints
  • IDM managed object queries with proper query filter syntax
  • SAML SP-initiated and IdP-initiated SSO URLs
  • Automatic realm path construction (/realms/root/realms/alpha)
πŸ“– How to Use
  1. Select a tab: Choose OAuth 2.0, Journey, IDM Query, or SAML
  2. Fill in your ForgeRock details: Tenant URL, realm, client credentials, etc.
  3. Click Generate: Get the complete, properly formatted URL
  4. Copy & Use: Copy the URL and use it in your application or testing

Common Use Cases:

  • Building OAuth 2.0 authorization requests for ForgeRock Identity Cloud
  • Testing authentication journeys with proper endpoint URLs
  • Querying IDM managed users with complex filters
  • Configuring SAML service providers with correct SSO initiation URLs
πŸ“– Related Tools & Articles

🧰 Related Tools:

πŸ“š Related Articles:

πŸ”’ Privacy Notice

All URL generation is performed locally in your browser using JavaScript. No data is sent to any server. Your ForgeRock configuration details remain completely private.