News
Abstract
New IBM® Security Verify features that were released in April.
Content
Key updates
These new features might not be available in your location yet.
- An update procedure was added for IBM Security Verify Bridge for Directory Sync. See Upgrading the IBM Security Verify Bridge for Directory Sync.
- A public preview CI-131380 is available for digital badge provisioning for Apple and Google wallet. See Managing physical access badge.
- You can now modify invite new user pages in IBM Security Verify. For more information, see Modify invite new user pages.
- A public preview CI-108233 for user invitations is now available. With this feature, you can send others an invitation to register as new users. Upon accepting the invitation, the users are created and added to the specified groups. Through the users' group memberships, they are automatically given the roles and permissions that are assigned to those groups. See Inviting users.
- A public preview, CI-117151, is available for assigning password policies to individual users and groups. See Assigning password policies to users and groups.
- Threat detection is now supported by the IBM Security Verify user interface. See Managing threat detection.
- IBM Security Verify now supports configuring threat detection and remediation policies. The policy enables the Admins to set their Verify SaaS environment to alert and/or proactively block login traffic that results from identified attacks. For more information, see Managing threat detection.
- IBM Security Verify now supports modifying threat detection email notification pages. For more information, see Modify threat detection email notification pages.
- Attribute-based access control through dynamic roles now is supported by IBM Security Verify. This feature is available as part of a requestable public preview, 46644. To request this feature, contact your IBM Sales representative or IBM contact and indicate your interest in enabling this capability. If you have permission to create a support ticket, create a support ticket with the public preview number. Note: IBM Security Verify trial subscriptions cannot create support tickets. See Creating a dynamic administrator role and Creating a dynamic application role.
- The following modifications have been done in the Admin Activity report to provide the administrator with traceability to all changes done to an Access Policy:
- A record gets displayed whenever Access policy is created, modified or deleted either by a user logged in the admin console or through APIs.
- The Event details under Management Event is enhanced to display the Policy name, Policy ID and Modifications made to an Access Policy. This provides the administrator with traceability to all changes done to an Access Policy.
For more information, see Generating an administrator activity report
- Other features, enhancements, and announcements
- Enhanced the procedure to configure Microsoft 365 for user provisioning. For more information, see Configuring provisioning for Microsoft 365.
- The V1.0 management APIs for identity sources are being deprecated. See Deprecated APIs. To view the new APIs, see https://docs.verify.ibm.com/verify/reference/updateidentitysource. Note: If an identity provider has V2 properties, either created with or updated by the V2 API, use of the V1 API to set or modify it results in an error. Note: If an identity provider has V2 properties, either created with or updated by the V2 API, use of the V1 API to set or modify it results in an error.
- The following modifications and additions are introduced in the Flow designer:
- The Flow designer look and feel is enhanced for better user experience, thus, providing more canvas area for flow construction. The General section is now displayed as a panel that opens on the click of
icon provided in the screen. For more information, refer Managing flow designer. Requires callbackinput parameter is introduced in the User form, Redirect and Page task to auto generate a Message node post these tasks. For more information, see Managing tasks.
- The Flow designer look and feel is enhanced for better user experience, thus, providing more canvas area for flow construction. The General section is now displayed as a panel that opens on the click of
-
IBM Security Verify Adapter now supports PostgreSQL Server - v12.0. For more information, see Managing endpoints by identity adapters. The target applications can now be configured for provisioning endpoints managed by Identity Adapters from IBM Security Verify to the PostgreSQL Server application. For more information, see Configuring provisioning for Postgres.
- IBM Security Verify Adapter now supports MySQL Server - v8.0.19. For more information, see Managing endpoints by identity adapters. The target applications can now be configured for provisioning endpoints managed by Identity Adapters from IBM Security Verify to the MySQL Server application. For more information, see Configuring provisioning for MySQL.
- IBM Security Verify now supports allowing access tokens to be exchanged for SSO session. For more information see, Configuring OIDC application general settings, Managing STS clients, Configuring single sign-on in the OpenID Connect application, and Configuring single sign-on in the OpenID Connect for Open Banking applications.
- Reports are now tagged according to category, either Audit or Status. See Managing reports.
- IBM Security Verify now supports modifying user profile pages. For more information, see Modify user profile pages.
- A new grant type is provided for OIDC applications. Context-based authorization is a multi-stage grant type. The API client is prompted to perform an authentication factor. The JWT bearer grant must be enabled to perform the authentication factors that are determined by the access policy attached to the application. See Configuring single sign-on in the OpenID Connect application and Configuring single sign-on in the OpenID Connect for Open Banking applications.
- Added support for the following applications.
- None
Notifications
- To improve security, the state and nonce query parameters in the OpenID Connect authorization request must be at least 8 characters long. This change becomes effective 30 June 2024. Ensure that your applications are updated.
- Application grants v1.0 APIs
/v1.0/appgrantsare deprecated. The end of life is 30 June 2024. See Deprecated APIs. The new APIs require the application ID to be specified and either "Manage OIDC and OAuth application grants" or "Read OIDC and OAuth application grants" API entitlements. - The Subscription Usage Dashboard is currently still in preview mode. Some inaccuracies were discovered in the usage statistics. The levels of consumption for your subscriptions might be incorrectly displayed in the dashboard. The issue is being worked on.
Note: The inaccuracies in the data that is displayed do not affect your billing in any way.
Related Information
[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSCT62","label":"IBM Security Verify"},"ARM Category":[{"code":"a8m0z0000001jljAAA","label":"Security Verify"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]
Product Synonym
IBM Cloud Identity;IBM Security Verify;Verify;Verify SaaS
Was this topic helpful?
Document Information
Modified date:
24 April 2024
UID
ibm17145736