Some more Infomap examples

Earlier this year I posted about a feature introduced in ISAM 9.0.2 called the Infomap authentication mechanism: An Introduction to the InfoMap Authentication Mechanism in ISAM 9.0.2 This post is a quick plug for another article on the same topic – this time using Infomap to achieve social login for Facebook, LinkedIn and Instagram on […]

Continue reading

Linking Client Certificates to an ISAM Account

As a part of my job I am frequently contacted by technologists that use IBM Security Access Manager (ISAM) trying to build a solution for identity and access management scenarios. In fact, it’s one of the fun parts of what I do – it gives me a chance to problem solve and dabble with one of […]

Continue reading

Announcing ISAM 9.0.2.1 and the IBM Verify Cookbook

One of the interesting and advanced new features of ISAM 9.0.2.1 is mobile multi-factor authentication. This technology allows you to perform step-up authentication (or in fact direct login) using an application on you mobile, known as IBM Verify, which can prompt for user-presence or fingerprint authentication. A few of us here at IBM have been […]

Continue reading

An Introduction to the InfoMap Authentication Mechanism in ISAM 9.0.2

For some time now the IBM Security Access Manager (ISAM) appliance has offered a pluggable authentication service in it’s Advanced Access Control (AAC) module. This authentication service is really just an advanced form (or framework) of External Authentication Interface (EAI) application for the ISAM WebSEAL reverse proxy, allowing you to programmatically interact with a user-agent […]

Continue reading

ISAM 9.0.2: The JWT STS Module and Junction SSO to WebSphere Liberty

Today we at IBM have released the latest version of IBM Security Access Manager – ISAM 9.0.2. This release has several new and improved capabilities, particularly in the space of mobile multi-factor authentication, however in this particular article I plan to discuss a new Security Token Service module that supports the generation and validation of […]

Continue reading

Using Custom Access Tokens in the ISAM OAuth Server

ISAM has provided a general-purpose OAuth 2.0 server since version 8 of the ISAM appliance (and earlier than that in Tivoli Federated Identity Manager). In that OAuth server implementation, access tokens are generated as random-value strings (pass-by-reference), and are completely opaque to both clients and resource servers. Resource servers must call the ISAM STS to perform access […]

Continue reading

My first Docker and IBM Containers Experience

Like most technical experimenters, from time to time I want a simple lightweight internet-facing linux box to test things from. There are lots of ways to get one of these, but in this case I also wanted to experiment with Docker, and IBM Containers on Bluemix, so decided to combine the goals into a self-education […]

Continue reading

Using custom certificates and hosts file with Android emulator

When writing mobile applications on Android that utilise the OAuth 2.0 capability of IBM Security Access Manager (or in fact any other interaction with WebSEAL from the Android emulator), I typically want to test my application against a virtual ISAM appliance running on my laptop. This allows quick iterative testing, and gives me a completely […]

Continue reading

Risked-Based Access with Persistent Cookie Device Fingerprint

Using Persistent Cookies for Browser Device Registration with ISAM Advanced Access Technical Overview Many customer enquiries (How do I…..?) related to IBM Security Access Manager and associated technologies cross my path, and I often find it intriguing and a good old-fashioned challenge to try and figure out how to solve some of these problems with […]

Continue reading