Frequently asked questions

Get answers to the most commonly asked questions about this product.


Getting started with this product

What's included in the Free Edition of Verify?

The Verify Free Edition allows for up to five applications to be onboarded using SAML 2.0, OpenID Connect, or OAuth2 clients, without expiration, allowing organizations to try the full Verify platform without interruption.

What is the Service Level Agreement for Verify?

Verify's availability has 99.9% uptime guaranteed, with actual operational uptime typically exceeding this. Customers can monitor the uptime of Verify at the link below.

How can I use Active Directory as an identity source with Verify?

Details on how to use Active Directory and other LDAP directories as an identity source can be found in the Knowledge Center.


How is Verify licensed?

IBM Security Verify only charges for actual usage, so you can add/remove users or even product use cases within Verify at your own pace. Verify pricing uses Resource Units as a metric to quantify an organization’s dynamic usage between user populations and product use cases.


What security certifications does Verify have?

Verify has obtained several common certifications like ISO 27001, ISO 27017, ISO 27018, and SOC2. Up-to-date certifications for Verify are detailed in the link below.

How does Verify support multi factor authentication for VPNs?

Verify includes a RADIUS client that can serve as an authentication mechanism for VPN connections and other systems that support the RADIUS protocol. You can download the Linux PAM installation files from IBM X-Force Exchange's App Exchange.

What user authentication methods does Verify offer?

Verify offers time-based one-time passwords (TOTP), email and SMS OTP, IBM Verify mobile app push notifications, fingerprint, face recognition, QR codes, and more.

Other common questions

I'm an IBM Security Verify Access customer. Does Verify work with Verify Access?

Yes, Verify and Verify Access are jointly entitled and work together seamlessly. You can enable a Verify subscription directly from your administrative console.

Can I protect my on-premises applications with Verify?

Yes, Verify uses a lightweight application gateway to extend access control to on-premises web applications. It also works hand in hand with existing Verify Access implementations.

Can I use Verify for both workforce and consumer use cases?

Verify can be utilized to support both customer or consumer (cloud directory and social authentication) use cases as well as employee single sign-on use cases all within one unified platform, maximizing ROI and minimizing cost per user for an organization.

Does Verify provide consent management for applications?

In applications that support OpenID Connect and OAuth2, consent management can be easily enabled so users are prompted to provide permission before granting authorization to that application.

Does Verify provide out of the box SDKs for development?

Yes, we have SDKs for various use cases, such as native mobile applications, and web applications using frameworks like NodeJS and ReactJS. Visit the Developer Portal to learn more.

Does Verify integrate with Keycloak or Red Hat SSO?

Yes, Verify can be extended into Keycloak or Red Hat SSO environments for full IDaaS capabilities like advanced authentication. Extensions for Verify are available in the IBM Security GitHub page.

Does Verify integrate with QRadar?

Yes, you can stream Verify event data to QRadar to identify and analyze threat anomalies.

Does Verify integrate with Resilient?

Yes, you can send Verify anomalies and other events to Resilient to take action, such as automatically resetting a password or removing an entitlement.