Configuring a custom device name

Requests to the OpenID Connect endpoints can be done programmatically through a client or an in-app browser rather than the user's default browser. The device name is based on the value of the user-agent header that is sent from the client. Customize the device name for a meaningful name that is recorded in the user's tokens and grants that are generated through this flow.

Before you begin

• You must have administrative permission to complete this task.
• Log in to the IBM® Security Verify administration console as an Administrator.

About this task

You can configure the OpenID Connect or OpenID Connect for Open Banking application to overwrite the device name, and change it to what you want. In this example, the device_id parameter value is used as the device name.

1. Configure an OpenID Connect or OpenID Connect for Open Banking application. See Configuring single sign-on in the OpenID Connect application.
2. Navigate to Endpoint configuration > Introspect, and configure the following introspect mapping:
   1. Click the arrow next to Add attribute, and select Add custom rule.
   2. Use requestContext.getValue('device_id') for this rule.
   3. Click OK.
   4. Use ibm:devicename for the Target attribute.
   5. Click OK.
   6. Click Save to save the application.
3. When a request is made to the authorization endpoint or token endpoint, include the following parameter device_id=testapp1.
4. When this token is introspected, it returns "ibm:devicename": "testapp1".
5. When the token grant is retrieved through the grants API, it includes "deviceName": "testapp1" instead of the browser or client name.