What's new for IBM Security Verify features in May 2024

News

Abstract

New IBM® Security Verify features that were released in May

Content

Key updates

These new features might not be available in your location yet.

Enhanced the Access certification to allow the user to end and delete campaigns. For more information, see Access certification.
Enhanced the support to mark consents as required, automatically grant them and globally store them across all applications. For more information, see OpenID Connect request mapping for consent requests.
Password policies that are assigned to a user can now be managed from the User & groups > Profile tab. See Managing users.
The following modifications are done in the Admin Activity report to enable the administrator to trace the actions taken in accordance with the flow designed in the Flow designer:
- A record gets displayed whenever a flow is created, modified, exported, imported, published, deleted, or Trace URL is generated by a user logged in the admin console.
- The Event details under Management Event is enhanced to display the Flow name, Flow reference and Trace URL validity.
For more information, see Generating an administrator activity report.

Other features, enhancements, and announcements

A new attribute data.authenticatorattachment was added to management event and authentication event payloads. See Management event payload and Authentication event payload.
You can now enforce client authentication on a device authentication /oauth2/device_authorization endpoint for device flow. See Configuring OIDC application general settings.
With context to Flow designer, now when the Function task execution fails, its details get saved in error object inside context and the flow continues instead of displaying the error page.
A new attribute Refresh token fault tolerance lifetime option was added to OIDC general settings. See Configuring OIDC application general settings.
Two filter , API client ID and API client name were added to MFA reports. See Generating a multi-factor authentication activity report.
Added support for the following applications.
- None

See Supported applications and connectors.

Notifications

To improve security, the state and nonce query parameters in the OpenID Connect authorization request must be at least 8 characters long. This change becomes effective 30 June 2024. Ensure that your applications are updated.
Application grants v1.0 APIs /v1.0/appgrants are deprecated. The end of life is 30 June 2024. See Deprecated APIs. The new APIs require the application ID to be specified and either "Manage OIDC and OAuth application grants" or "Read OIDC and OAuth application grants" API entitlements.
The Subscription Usage Dashboard is currently still in preview mode. Some inaccuracies were discovered in the usage statistics. The levels of consumption for your subscriptions might be incorrectly displayed in the dashboard. The issue is being worked on.

Note: The inaccuracies in the data that is displayed do not affect your billing in any way.

Related Information

IBM Documentation

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSCT62","label":"IBM Security Verify"},"ARM Category":[{"code":"a8m0z0000001jljAAA","label":"Security Verify"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Product Synonym

IBM Cloud Identity;IBM Security Verify;Verify;Verify SaaS

Was this topic helpful?

Document Information

Modified date:
01 May 2024

UID

ibm17149989

Tips