IBM Support

Configuring Authentication Service Framework, CBA and OAuth Authorization for REST API access

Question & Answer


Question

In this lab, you learn how to configure and use the /mga/sps/apiauthsvc endpoint for REST API access. First, configure the integration between the Reverse Proxy and the AAC runtime for context-based access (CBA) control and OAuth Authorization. Then, create an access policy that detects high-value transactions based on a JSON parameter in the HTTP POST request and prompts the users for second-factor authentication (2FA). Users are required to provide a one-time password (OTP) sent to their email address, and they are allowed access after they provide a valid OTP. This lab uses the MAC OTP mechanism for 2FA, but other supported methods can be used.

IBM Security Verify Access (previously known as IBM Security Access Manager or ISAM) provides the Authentication Service Framework within the AAC module for policy-based strong and second-factor authentication features and functions.


Duration: 1 Hour 30 Minutes
Follow the link in related information to view the course on the IBM Security Learning Academy.


Document Information

Modified date: 27 September 2021

UID: ibm16461205