What's new for IBM® Security Verify features in March, 2025

News

Abstract

New IBM® Security Verify features that were released in March.

Content

Key updates

Note: No new features were released in February

These new features might not be available in your location yet.

SAML identity providers now support persistent nameid. See Adding a SAML Enterprise identity provider.
IBM Security Verify now supports Token activity reports. See Generating a token activity report.
You can now specify a group membership source for OIDC identity providers. See Configuring an OIDC Enterprise identity provider.
A new value device was added for "auth-method" in Radius configuration. See device.
A topic was added for migrating user repositories. See User repository migration.

Other features, enhancements, and announcements

A cautionary note was added to SAML Enterprise identity provider for group membership source. See Attention.
A cautionary note was added to Managing themes for restricting access to managing themes. See Important.

Added support for the following applications.
- HashiCorp Vault

See Supported applications and connectors.

Notifications

Caching changes are being deployed. As a result, changes to OIDC general settings or Certificates can take up to one minute to take effect in the following endpoints.
- /oidc/endpoint/default/.well-known/openid-configuration
- /v1.0/endpoint/default/.well-known/openid-configuration
- /oauth2/.well-known/openid-configuration
- /oidc/endpoint/default/jwks
- /v1.0/endpoint/default/jwks
- /oauth2/jwks
New RSA and ECDSA certificates are being issued for *.ice.ibmcloud.com hostnames on 11 February 2025. See Product requirements.
Phone numbers and email addresses are partly obscured when presented in 2FA choice lists in the following on-prem products.
- IBM Security Verify Gateway for Linux PAM 1.0.7
- IBM Security Verify Gateway for AIX PAM 1.0.4
- IBM Security Verify Gateway for RADIUS 1.0.12
- IBM Security Verify Gateway for Windows Login 1.0.11
The installation process for the following on-prem products removes the access of Windows Users group from the installation directory.
- IBM Security Verify Bridge 1.0.16
- IBM Security Verify Bridge for Directory Sync 1.0.13
- IBM Security Verify Gateway for RADIUS 1.0.12
- IBM Security Verify Gateway for Windows Login 1.0.11
New RSA and ECDSA certificates are being issued for *.verify.ibm.com hostname on 05 November 2024. See Product requirements.
Enhancements were made for password expiration for on-prem agents that use the Verify Bridge to connect with Verify. If password reset is enabled on your Verify tenant and you log in with an expired on-prem password, you are now redirected to the change password flow. If password reset is not enabled for your tenant and you log in with an expired on-prem password, you receive and expired password message instead of an authentication failed message.
The Subscription Usage Dashboard is currently still in preview mode. Some inaccuracies were discovered in the usage statistics. The levels of consumption for your subscriptions might be incorrectly displayed in the dashboard. The issue is being worked on.

Note: The inaccuracies in the data that is displayed do not affect your billing in any way.

Related Information

IBM Documentation

[{"Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSCT62","label":"IBM Security Verify"},"ARM Category":[{"code":"a8m0z0000001jljAAA","label":"Security Verify"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Product Synonym

IBM Cloud Identity;IBM Security Verify;Verify;Verify SaaS

Was this topic helpful?

Document Information

Modified date:
25 March 2025

UID

ibm17184822

Tips