Verify Access (Access Manager) Adv. Access Control

Verify Access (Access Manager) Adv. Access Control Courses:

Configuring Verify Access as multi-factor authentication (MFA) client in Verify

This lab provides step-by-step instructions to configure IBM Security Verify Access as Multi-factor authentication (MFA) client for an IBM Security Verify tenant.

This integration allows Verify Access to provide advanced authentication methods to the protected enterprise resources. During the integration process, Verify Access is automatically registered as a MFA client in your Verify tenant. Additionally, a set of Info Map rules and authentication mechanisms are created in Verify Access to call the MFA REST API in Verify.

IBM Security Verify Access Mobile Multi-Factor Authentication deployment cookbook

This cookbook provides a step-by-step guide to installing an IBM Security Verify Access Virtual Appliance and then configuring it to demonstrate Mobile Multi-Factor Authentication (MMFA) scenarios such as mobile verification application registration, password-less login, and out-of-band transaction verification.

This cookbook was written to work with a fresh installation of IBM Security Verify Access  The cookbook also works with IBM Security Access Manager and above although some screenshots may differ slightly from what is shown in this guide.

IBM Security Access Manager API Protection Configuration Cookbook

This cookbook provides a step-by-step guide to configuring the OAuth 2.0 functionality in IBM Security Access Manager Advanced Access Control add-on.

The exercises described in this cookbook are designed to run on a self-contained test machine which has the required software and helper scripts installed. Instructions on building a suitable test machine (based on Centos 7 Linux) can be found in the appendix of this document.

Access Manager: What's in the box? InfoMap Authentication Mechanism

In this Open Mic, a panel of IBM experts discuss how to properly configure and troubleshoot the InfoMap Authentication Mechanism within the IBM Security Access Manager appliance.

Accessing SCIM REST APIs using Curl and Postman

This course demonstrates how to call the Access Manager SCIM REST APIs using Basic Authentication and OAuth 2 Authentication. In this course, you first download and review the reference SCIM API documentation. Then, you configure the Reverse Proxy for API access using Basic authentication and also using the OAuth access tokens. Finally, you call the API using the Curl and the Postman utilities.

IBM Security Access Manager Context-based Access

In this video, you learn about context-based access, which is part of the IBM Security Access Manager Advanced Access Control add-on module.

Activating and configuring Advanced Access Control (AAC) module

The Advanced Access Control (AAC) functionality of IBM Security Access Manager (ISAM) is not enabled by default. The AAC module must be purchased and activated to enable this functionality. This lab provides procedures to activate and configure the Advanced Access Control module.

Configuring and using the SCIM interface

IBM Security Access Manager (ISAM) provides SCIM-based web services for user and group management. In this course, you use the SCIM Configuration page in the Access Manager Local Management Interface (LMI) to configure the SCIM capabilities. Then, you secure the SCIM endpoints using a Reverse Proxy. You also enable the built-in SCIM demonstration application that uses SCIM calls for user management.

API protection by using OAuth 2.0 in Security Verify Access

This lab covers configuration of the following three main OAuth 2.0 workflows supported by IBM Security Verify Access (previously known as IBM Security Access Manager or ISAM): Authorization code, Implicit grant and the Resource owner password credentials (ROPC).

Configuring silent and consent-based device registrations using one-time password

IBM Security Access Manager (ISAM) supports device fingerprinting to allow tracking of a user across multiple devices and browsers. This lab provides steps to configure Advanced Access Control (AAC) policies to register a client device or browser using one-time password (OTP) sent to a user's email address. The user is allowed access once OTP verification is complete. It also covers how administrators and end users can manage device fingerprints.

Enabling and configuring the demo application

IBM Security Access Manager (ISAM) has a built-in demo application that is useful to demonstrate advanced authentication and authorization scenarios. You can also use this application to access information such as ISAM credential and session attributes, HTTP headers, and location attributes useful to diagnose setup problems.

This video course demonstrates the steps to enable and configure the demo application.

FIDO2 support in IBM Access Manager 9.0.7

Password re-use by users and password phishing create security breach concerns.  The FIDO Alliance promotes and delivers authentication standards that reduce the reliance on passwords.  This video demonstrates how to use FIDO2 authenticators with IBM Access Manager 9.0.7.

IBM Access Manager Advanced Authentication

Within Access Manager appliances, there is an authentication service with a number of authentication mechanisms.  In this video, you will learn about the authentication service, provided authentication mechanisms, and custom authentication.

IBM Security Access Manager User Self-Care cookbook

This guide provides step-by-step guidance to configure User Self-Care using the IBM Security Access Manager Advanced Access Control add-on. The first set of exercises show how to configure the standard out-of- the-box functionality. Further exercises show how User Self-Care can be customized by modifying the provided script files and page templates, and how new functionality can be added.

Leveraging JSON web tokens in IBM Security Access Manager

In this IBM Security Access Manager (ISAM) webinar replay, you learn about leveraging OIDC mapping rules to enhance JSON Web Tokens (JWT), using SSO Junctions to send JWT to junction applications, and accepting JWT as an authentication token in the Reverse Proxy.

New frontiers of user authentication: Risk-based, passwordless, and decentralized identity

In this Think 2019 session replay, Shane Weeden and Nick Lloyd discuss the future of strong authentication, including Risk-based, passwordless, and decentralized identity mechanisms.

Setting up One time password using AAC - Open Mic

IBM Access Manager also known as IBM Security Access Manager V9 provides an add-on module for Advanced Access Control (AAC). In this Open Mic organized by Access Manager support team, they give an overview of the One time password (OTP) feature available in the AAC module. It is also demonstrated how to configure and use this feature. After the presentation, attendees were given an opportunity to ask the panel of experts questions.

User Self-Care in Access Manager

In this course, you will learn about the three user self-care flows in IBM Access Manager with the Advanced Access Control add-on: forgotten username, forgotten password, self-registration.