Managing your applications

An application is an enterprise resource, one or more computer programs or software components that provides a function in direct support of a specific business process or processes.

About this task

Add the applications that your users and groups needs for their day-to-day operations in your organization. Watch videos on how users access applications and on configuring an application with Verify in the IBM Security Learning Academy.

You can perform the following tasks:

• Create an application
• Update an application
• Delete an application
• Search and view application
• View the application usage report

Verify supports:

• SaaS or web-based applications
• Native mobile applications
• Applications that use Security Assertion Markup Language (SAML) based sign-on
• Applications that use OpenID Connect based sign-on
• On-premise application such as LDAP and Active Directory that are managed through identity adapters

Verify has a list of predefined application templates, including an option to use a Custom application template. The templates are available in the Select Application Type dialog box. Use these templates to:

• Create one or more application instances that are based on the company account subscription.
• Configure the SAML single sign-on connection between Verify and the target application.
• Configure OpenID Connect authentication between Verify and the target application.
• Define which users and groups are entitled to access and use the application.

Depending on the application template, the information in the Add Application page varies. Each page has the General and Sign-on tabs.

When you save the application instance, the Entitlements tab is displayed.

1. Select Applications > Applications.
2. Create an application.
   1. Select Add Application. The Select Application Type dialog box lists the available application templates.
   2. Select Custom Application or search for a specific application template and select Add application.
      Note: If the application is not found, select Request this app. You are taken to the IBM Security Verify - Ideas community, where you can request to add the application to Verify. See How to request new features in IBM Security Verify.
      The Add Application page is displayed.
   3. Optional: If the company has more than one account subscription with the target application, specify a unique application instance name following the application name to distinguish it from other instances. Otherwise, use the default application name.
      Note: The application name can be a maximum of 100 characters.
   4. On the General tab, specify the basic information that is described in Setting the basic application details.
   5. On the Sign-on tab, configure the connection between Verify and the target application.
      • Configuring SAML single sign-on in the identity provider.
      • Configuring OpenID Connect single sign-on in the custom application.
   6. On the Entitlements tab, assign users who are entitled to access and use the application instance.
      • Select the All users are entitled to this application checkbox to enable all users to access the configured application instance.
      • To grant only selected users and groups access to the application, see Managing application entitlements (by Administrator).

      Note:

      • This tab is available only if you already saved the application.
      • Users must be entitled to the application to view and access the application from the Verify home page or to sign on to the target application's web page.
   7. Select Save to complete the setup.
3. Update an application.
   1. Select the icon.
      The Applications/Details page is displayed.
   2. Edit the information in any of the available tabs.
      Note: If Untagged attribute is shown for the attribute source value, it is because the purpose of the attribute was changed. Existing applications that consume the attribute can continue to use the application until you remap the application to use a different attribute for that purpose. For example, if the Single sign-on (SSO) checkbox is cleared on an existing attribute, applications that already consume that attribute for SSO can continue to use it for SSO. The same behavior applies to the provisioning attribute mappings when the Provisioning purpose is removed.
   3. Select Save.
4. Delete an application.
   When you delete an application:

   • You can delete only one application instance at a time.
   • You delete the instance and its entitlements only from Verify. No change on the target application.
   • You can either use Delete in the Applications or on the Edit Application page.
   1. Choose from one of the following options in the Applications page:
      • Select the application instance and select the icon on the Summary pop-out.
      • Select the icon and select Delete.
      • Select the icon and select Delete.
   2. 
      
   3. Confirm that you want to permanently delete the selected application.
5. Search and view the application information.
   1. Use the Search field for a filtered list of data.
   2. Select the application to view a summary of its information. The X-Force Details is displayed.
   3. Select View in X-Force Exchange to view its complete details.

      Table 1. X-Force Details

      Information	Descriptions
      Categorization	Category of the application that the organization authorizes for use. For example, Cloud, Software as a Service.
      Description	Description of the application such as its purpose or usage.
      Base URL	The application home page URL.
      Risk Score	Indication of the risk that a vulnerability poses to your organization.

   From this page, you can also go to the edit page , link to the application usage report , or delete the application .
6. View the application usage report.
   • 1. Select the application to view a summary of its information. The X-Force Details is displayed.
     2. Select the icon.
   • 1. Select the icon and
     2. Select App usage.