PingOne AIC Architect (ForgeRock Identity Cloud)

• Location: Toronto, Ontario
• Remote: Hybrid
• Type: Contract
• Job #34746

We are seeking an experienced PingOne AIC (formerly ForgeRock) Architect to support a major Identity & Access Management (IAM) initiative for our Toronto Client. The ideal consultant brings deep hands-on experience with ForgeRock Identity Cloud, ADFS, SAML, OAuth, and secure identity workflows across enterprise environments. This is a HYBRID working model.

Key Responsibilities:

• Architect, configure, and administer IAM solutions within PingOne AIC / ForgeRock Identity Cloud

• Develop and manage applications leveraging OIDC, SAML, and OAuth standards

• Design custom workflows and user journeys for onboarding, authentication, and pass-through access

• Implement provisioning, de-provisioning, JIT identity creation, and migration

• Develop and enhance REST APIs, connectors, and integration components

• Support data/config migration across tenants using GUI and APIs

• Build custom logic and workflows using Java/J2EE, JavaScript, Groovy, and scripting

• Troubleshoot and optimize identity federation and SSO configurations

• Work with Enterprise Directory/LDAP and related data sources

Must-Have Skills:

• Strong foundation in IAM concepts, identity federation, and SSO

• Hands-on experience with ADFS, OAuth, SAML, OIDC

• Deep experience with ForgeRock ID Cloud application and workflow development

• Proficiency in REST APIs, JSON/XML, scripting, and custom connector development

• Experience with Java/J2EE, JavaScript, Groovy, and IGA workflow implementation

• Experience with identity migration, tenant configuration, and high-availability design

Nice to Have:

• Customization of ForgeRock UI, hosted pages, and localization

• Experience deploying RCS in cluster mode

• Understanding of Identity Gateway

• Experience documenting use cases, test cases, and performing unit testing

• Familiarity with CI/CD and DevOps pipelines