Custom application
To implement single sign-on, you need to provide IBM® Security Verify or another configured identity provider with information about the application. Verify provides a predefined template for each of the application that it supports. If you can’t find a predefined template for your application, use the Custom Application template instead.
General information
Select . Hover over an application name and select the settings icon 
. On the General
tab, specify the basic information about the custom application. See Setting the basic application
details.
Single sign-on configuration
- Select the Sign-on Method and provide the required information.
Table 1. Sign-on Method Sign-on Method Descriptions Application Bookmark Select this type to create:- Any application that doesn’t support SAML but you still want to display the
application on the user home page for the user to access.
In this scenario, IBM Security Verify starts the application URL without using SAML.
- Any on-premise application that is configured for single sign-on using your on-premises IBM Security Verify Access solution.
In this scenario, if the user is authenticated with IBM Security Verify Access, then the user can access the on-premises application from the same home page.
You only need to specify the URL of the web page that is launched when a user selects the application from the IBM Security Verify home page.
SAML 2.0 Select this type to configure SAML sign-on on any application that supports SAML.
See Configuring SAML single sign-on in the identity provider for information about enabling SAML in IBM Security Verify.
OpenID Connect 1.0 Select this type to configure OpenID Connect sign-on for any application that supports OpenID Connect.
See Configuring single sign-on in the OpenID Connect provider for information about enabling OpenID Connect in IBM Security Verify.
- Any application that doesn’t support SAML but you still want to display the
application on the user home page for the user to access.
- Configure the access policies.
- Choose the identity provider sources that users can use to sign in to this application. These
sources are defined from .
Table 2. Identity sources Identity sources options Descriptions Allow all identity sources that are enabled for end users Includes the following types of identity sources that are configured and enabled as a sign-in option for end users:- Cloud Directory
- IBMid
- OnPrem LDAP
- SAML Enterprise
It does not include social identity provider sources.
Select specific supported identity sources Includes Cloud Directory and all configured social identity provider sources, regardless if they are enabled or disabled from .
You can assign a disabled identity source but it will not be available as a sign-in option until it is enabled.
- Select the policy that determines how users can access the application.
You can continue to use the default access policy that is assigned, which is Allow access from all devices. Alternatively, you can select from the list of predefined access policies. For more information, see Access policies.
- Choose the identity provider sources that users can use to sign in to this application. These
sources are defined from .
Entitlements
To assign who can access and use the application instance, see Managing application entitlements (by Administrator).
Privacy
The purposes and EULAs are displayed with name, description, tags, attributes that they include, and status.
- Add a purpose or EULA.
- Select Add purposes.
- Select the checkbox for the purpose or EULA that you want to add. You can select more than one.
- Select Add purposes.
- Remove a purpose or EULA.
- Select Add purposes.
- Select the checkbox for the purpose or EULA that you want to remove. You can select more than one.
- Select Remove.