Verify Access (Access Manager) Adv. Access Control

Verify Access (Access Manager) Adv. Access Control Courses:

Configuring Verify Access as multi-factor authentication (MFA) client in Verify

This lab provides step-by-step instructions to configure IBM Security Verify Access as Multi-factor authentication (MFA) client for an IBM Security Verify tenant.

This integration allows Verify Access to provide advanced authentication methods to the protected enterprise resources. During the integration process, Verify Access is automatically registered as a MFA client in your Verify tenant. Additionally, a set of Info Map rules and authentication mechanisms are created in Verify Access to call the MFA REST API in Verify.

Activating and configuring Advanced Access Control (AAC) module

The Advanced Access Control (AAC) functionality of IBM Security Access Manager (ISAM) is not enabled by default. The AAC module must be purchased and activated to enable this functionality. This lab provides procedures to activate and configure the Advanced Access Control module.

Configuring and using the SCIM interface

IBM Security Access Manager (ISAM) provides SCIM-based web services for user and group management. In this course, you use the SCIM Configuration page in the Access Manager Local Management Interface (LMI) to configure the SCIM capabilities. Then, you secure the SCIM endpoints using a Reverse Proxy. You also enable the built-in SCIM demonstration application that uses SCIM calls for user management.

API protection by using OAuth 2.0 in Security Verify Access

This lab covers configuration of the following three main OAuth 2.0 workflows supported by IBM Security Verify Access (previously known as IBM Security Access Manager or ISAM): Authorization code, Implicit grant and the Resource owner password credentials (ROPC).

Configuring silent and consent-based device registrations using one-time password

IBM Security Access Manager (ISAM) supports device fingerprinting to allow tracking of a user across multiple devices and browsers. This lab provides steps to configure Advanced Access Control (AAC) policies to register a client device or browser using one-time password (OTP) sent to a user's email address. The user is allowed access once OTP verification is complete. It also covers how administrators and end users can manage device fingerprints.