IBM Support

IBM Security Verify Access v10.0.5 Release Notification

News


Abstract

We are glad to announce the electronic general availability of IBM® Security Verify Access, Version 10.0.5 on December 09, 2022, bringing a range of enhancements, features, and fixes to the Verify Access platform.

Content

IBM Security Verify Access Version 10.0.5

IBM Security Verify Access helps organizations securely manage user access and protect applications against fraudulent and unauthorized access across web, mobile, and enterprise infrastructure, including network access and Windows and Unix servers.

The 10.0.5 release marks the fifth release on the v10 platform and delivers the following enhancements:

  • Container Registry Changes
    IBM Security Verify Access containers are no longer be available on Docker Hub after 31 December 2022.

    IBM Security Verify Access no longer hosts images on Docker Hub after 31 December 2022. All images are accessed from their new location on IBM Cloud® Container Registry.

    This change is a breaking change to many automated deployment pipelines, and administrators must validate and modify their container deployment routines to source these containers from their new location.

    For full information on the IBM Security Verify Access Container locations, use one of the following URLs.
  • Support License - no longer required or issued
    The Flexera/Flexnet powered IBM Security License Key and Download Center service used with IBM Security Verify Access - ISVA (and IBM Security Access Manager – ISAM) will be shut down after December 28th, 2022. The associated license files will not be issued or available from this service after this time. This will not have any effect on the products functionality or ability to raise a support ticket. Earlier versions of IBM Security Verify Access will require updates to be downloaded by administrators from IBM Fix Central. For more information, see the following technote.
  • Multi-JDK support for PD.jar
    The Policy Directory Java™ library (PD.jar) has been updated to support both IBM® Java 1.8 and OpenJDK 11. Previously, administrators were required to use the legacy version of PD.jar for versions of Java lower than 11. Now administrators are no longer required to move to Java 11 to use the latest version of PD.jar. For more information about using PD.jar to retrieve information from the runtime user registry/policy server, see the Administration Java classes overview.
  • SafeNet Luna High Availability (HA) support
    Support for SafeNet hagroup configurations was added to Verify Access. Administrators who install the SafeNet HSM Extension from IBM App-Exchange can group one or more SafeNet devices into an HA group. For more information about configuring HSM devices, see Configuring network Hardware Security Module (HSM).
Advanced Access Control (AAC)
  • AAC Authentication Policy JSON API

    A new API was added to the Local Management Interface (LMI) that represents AAC Authentication Policies as JSON. Previously, the policy itself was represented solely as XML. For more information about the API and usage examples, see the WebServices documentation that is available from the appliance LMI. Apply the filter “Full JSON API” to show the appropriate pages for the new API.

  • AAC Access Control Policy JSON API

    A new API was added to the Local Management Interface(LMI) that represents AAC Access Control Policies as JSON. Previously the policy itself was represented solely as XACML 2.0. For more information and usage examples, see the WebServices documentation that is available from the appliance LMI. Apply the filter “Full JSON API” to show the appropriate pages for the new API.

  • SCIM User Password Schema

    It is now possible for a user to change their password by using the SCIM API without the need for a two-phase update process. See User password change and recovery.

  • Identifier First Authentication Scenario

    A new scenario is now available in the Example Branching Policy Scenarios wizard, called Identifier First Authentication. This scenario initially prompts the user only for their username. The user is then able to choose between FIDO2/WebAuthn authentication, MMFA authentication, or standard username and password authentication. For more information, see Scenarios.

  • FIDO2 Mediation

    In the FIDO2 custom mediator, two new properties can be accessed from the registration object backupEligibility and backupState. Both relate to the backup of the public key credential source of a registration. For more information, see FIDO2 Mediation.

  • JavaScript Allowlisted Classes

    In the available JavaScript classes, two new methods are available in the following two classes com.tivoli.am.fim.registrations.local.FIDORegistration and com.tivoli.am.fim.fido.mediation.FIDO2Registration. They both now provide getter methods for backupEligibility and backupState. For more information, see JavaScript allowlist.

  • Template Files

    In the management of template files, directories can now be created at the root level. For more information, see Managing template files.

For a more complete list of features and changes in the v10.0.5 release, see What's New in the IBM Documentation.

IBM Security Verify Access OpenID Connect Provider

In September 2022, a new dedicated OIDC Component was released.

IBM Security Verify Access OIDC Provider is a containerized lightweight OIDC provider, which supports advanced OIDC and OAuth standards out of the box and can be deployed and scaled using any modern orchestration system, including Kubernetes. It supports best-in-class security controls and advanced flows, such as pushed authorization request and client-initiated back-channel authentication along with pre-defined security profiles (or recipes) for Open Banking and other compliance.
For more information, see the announcement, or the documentation resources.

Critical changes

IBM Security Verify Access now publishes a dedicated page to capture changes that will likely have a significant impact on a deployment during or after an upgrade. See Critical changes.

To access a wide variety of technical resources for this product, see the IBM Security Verify Access Version 10.0.5 product documentation in IBM Documentation.

IBM Application Gateway
Since v10.0.0, entitled customers of IBM Security Verify Access can make use of the IBM Application Gateway to access and protect applications. The IBM Application Gateway is an ultra-lightweight container deployment of the reverse proxy, with declarative configuration and without any runtime dependencies on a policy server or LDAP server. Authentication is performed using a Verify Access OIDC OP deployment (or IBM Security Verify SaaS). For more information about the IBM Application Gateway see the documentation hub.
Early Access Program
Are you interested in learning more about the new product features planned for upcoming releases of IBM Security Verify Access? Would you like the opportunity to try a Beta version of an upcoming IBM Security Verify Access release and the ability to give feedback regarding new product features? Are you interested in learning about other IBM Security product offerings?
If you answered “yes” to any of these questions, the IBM Security Agile Client Experience (ACE) program might be the right opportunity for you.
The IBM Security ACE program offers a range of early access programs and prototype feedback sessions for selected IBM Security products including IBM Security Verify Access.
Throughout these interactive programs, the IBM Security development teams deliver resources and/or host sessions to provide participants with an insight into the new features that are being designed and implemented.
When you participate in this program, IBM gives you early access to the design and/or features for your evaluation and feedback before the general availability of the new product releases. The overall goal of the Security ACE program is to garner important feedback from participants to help shape the direction of our products. Participation is free of charge. The content of the program is confidential and is available to interested parties who accept the program terms and conditions.
Getting started is easy! Please register your interest in joining the program using this registration form:  http://ibm.biz/security-ace-registration.
Downloading the product and assemblies
Version 10.0.5 is available from Passport Advantage, Fix Central, and the IBM Container Registry.
This technote details the information required to download and access the v10.0.5 release of IBM Security Verify Access and its supporting programs: 
Upgrading/Staying in support
IBM Security Verify Access only delivers defect and security updates to the latest current patched (fixed) release. With the release of IBM Security Verify Access v10.0.5, 10.0.5 becomes the ‘current patched release’ where all fixes and patches will be delivered to v10.0.5. For more information, see this notification: https://www.ibm.com/support/pages/node/6453645.
Additional Information for IBM Security Access Manager Gen1 Hardware appliance
IBM has announced the end of support date of IBM Security Access Manager Gen1 Hardware Appliances (5122-83K) for April 30, 2023. For more information, see this notification: https://www.ibm.com/support/pages/node/872590
Additional Information for IBM Security Verify Access Gen2 Hardware appliance
IBM has announced the end of support date of IBM Security Access Manager and IBM Security Verify Access Gen2 Hardware Appliances (5122-81T) for September 30, 2025. For more information, see this notification: https://www.ibm.com/support/pages/node/872590
Additional Information for IBM Security Access Manager v9.0
IBM Security Access Manager v9.0 is now End of Support. For more information, see this notification: https://www.ibm.com/support/pages/node/6452057.

[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRGTL","label":"IBM Security Verify Access"},"ARM Category":[{"code":"a8m0z000000cxuHAAQ","label":"Security Verify Access"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.0.5"}]

Product Synonym

IBM Security Verify Access; IBM Security Access Manager; ISAM; ISVA;

Document Information

Modified date:
01 March 2023

UID

ibm16842013

Page Feedback