Announcing ISAM and the IBM Verify Cookbook

One of the interesting and advanced new features of ISAM is mobile multi-factor authentication. This technology allows you to perform step-up authentication (or in fact direct login) using an application on you mobile, known as IBM Verify, which can prompt for user-presence or fingerprint authentication. A few of us here at IBM have been […]

An Introduction to the InfoMap Authentication Mechanism in ISAM 9.0.2

For some time now the IBM Security Access Manager (ISAM) appliance has offered a pluggable authentication service in it’s Advanced Access Control (AAC) module. This authentication service is really just an advanced form (or framework) of External Authentication Interface (EAI) application for the ISAM WebSEAL reverse proxy, allowing you to programmatically interact with a user-agent […]

ISAM 9.0.2: The JWT STS Module and Junction SSO to WebSphere Liberty

Today we at IBM have released the latest version of IBM Security Access Manager – ISAM 9.0.2. This release has several new and improved capabilities, particularly in the space of mobile multi-factor authentication, however in this particular article I plan to discuss a new Security Token Service module that supports the generation and validation of […]

Using Custom Access Tokens in the ISAM OAuth Server

ISAM has provided a general-purpose OAuth 2.0 server since version 8 of the ISAM appliance (and earlier than that in Tivoli Federated Identity Manager). In that OAuth server implementation, access tokens are generated as random-value strings (pass-by-reference), and are completely opaque to both clients and resource servers. Resource servers must call the ISAM STS to perform access […]

My first Docker and IBM Containers Experience

Like most technical experimenters, from time to time I want a simple lightweight internet-facing linux box to test things from. There are lots of ways to get one of these, but in this case I also wanted to experiment with Docker, and IBM Containers on Bluemix, so decided to combine the goals into a self-education […]

Using custom certificates and hosts file with Android emulator

When writing mobile applications on Android that utilise the OAuth 2.0 capability of IBM Security Access Manager (or in fact any other interaction with WebSEAL from the Android emulator), I typically want to test my application against a virtual ISAM appliance running on my laptop. This allows quick iterative testing, and gives me a completely […]

Risked-Based Access with Persistent Cookie Device Fingerprint

Using Persistent Cookies for Browser Device Registration with ISAM Advanced Access Technical Overview Many customer enquiries (How do I…..?) related to IBM Security Access Manager and associated technologies cross my path, and I often find it intriguing and a good old-fashioned challenge to try and figure out how to solve some of these problems with […]

Using IBM Tivoli Directory Integrator for Identity Mapping with ISAM 9

Using IBM Tivoli Directory Integrator for Identity Mapping with ISAM 9 Technical Overview This article will describe how to utilize Tivoli Director Integrator (TDI) assembly lines to perform identity mapping operations for Federation configurations or Security Token Service (STS) chains configured in IBM Security Access Manager v9 appliance. It is particularly applicable to existing TFIM […]

An Introduction to Automated Configuration in IBM Security Access Manager v9

An Introduction to Automated Configuration in IBM Security Access Manager v9 Over the past few years IBM Security has demonstrated intent to migrate access management and federation technologies from distributed platform software to a physical/virtual appliance delivery model. This has numerous benefits to both our customers and IBM, with middleware patch management ranking right up […]