Creating a physical access badge

Edit online

Configure a new badge for Apple and Google wallet.

Procedure

  1. Select Integrations > Physical access badge.
  2. Click Create badge button to create a new badge.
  3. In the General details section, configure the Swift Connect provider settings.
    • Enter a unique Integration name for the configuration in the provided field.
    • Enter appropriate Description in the provided field to describe the configuration.
  4. In the Connection settings, enter the following details to define the properties.
    • Enter the SCIM endpoint of the SwiftConnect provider in the SCIM base URL field. This endpoint is used to synchronize IBM® Verify user and groups with SwiftConnect. This information is provided by SwiftConnect.
    • Enter the Bearer token in the provided field to authenticate with the SCIM endpoint. This information is provided by SwiftConnect.
    • Click Test Connection to verify whether a connection to the target endpoint can be established with the configured SwiftConnect credentials.
    • Toggle the User provisioning button to select from the following options for deprovisioning an account.
      • Enabled - An account is deprovisioned when the entitlement is removed from a user. If this option is selected, a 30-minute grace period option is activated.
      • Disabled - The account is deprovisioned outside of Verify. If this option is selected, grace period and deprovision action are deactivated.
      Note: If the User provisioning is enabled, you can select from Delete or Suspend radio button to determine the action. When a user is deprovisioned, they can be deleted or suspended in SwiftConnect.
    • The Next button remains disabled if you did not test the connection.
  5. In Attribute mapping, assign a corresponding Verify user attribute for each of the application attributes. Map the attributes based on the application requirements. To create a custom rule for attribute mapping, refer to Creating a custom rule for attribute mapping for further details.
    • Select the Verify attribute from the menu.
    • Select a transform for the value. You can choose to transform the value with any of the built-in transformations that are provided in the Transformation menu. The default setting is None, which means that the value is passed unchanged. With scripting support, you can create a custom transform to transform the Verify attribute value and set it to the Target attribute. See Creating a custom rule for attribute mapping.
    • Select the Target attribute from the attribute menu.
    • If the application supports the feature, select the Keep value updated checkbox for the attributes that you want to be updated when changes occur in IBM Verify. Attribute value changes to the user's profile automatically and overwrites the corresponding attribute values in the target application.
      Note: The checkbox is inactive for certain target attribute values like email and user_name that cannot be changed.
    Note:
    • Whenever a user is disabled or enabled in IBM Verify, it suspends or restores the account on the target application.
    • When a custom rule is specified for attribute mapping, a built-in transformation cannot be applied to it.
    • Map the same target and IBM Verify attributes in the reverse attribute map.
    • These attribute mappings are used for account provisioning and account synchronization on the target application.
  6. In Signing certificate, select the certificate that is to be used to sign the ID token.
    • Select Existing certificate is the default selection and refers to the certificates that are configured in Security > Certificates.
    • The No certificate selection creates a new certificate using the Friendly name.
  7. In User experience, select the user profile that gets associated with the configuration.
    • The Profile management allows to select the profiles that are configured in User experience > Profile management.
    • The Identifier attribute dropdown displays the options based on the attributes that are mapped in the Attribute mapping section.
    • Select an image file that represents the badge design.
  8. Click Create to add the new badge.
  9. The badge gets created and the user is redirected to the Physical access badge screen.
    The badge record gets listed in the Physical access badge screen in Enabled State.