IBM Security Verify Governance adapter for IBM Security Verify v10.0.12 is available. Compatibility, installation, and other getting-started issues are addressed.
Copyright
International Business Machines Corporation 2022, 2026. All rights reserved.
US Government Users Restricted Rights -- Use, duplication or disclosure
restricted by GSA ADP Schedule Contract with IBM Corp.
Welcome to the IBM Security Verify Governance adapter for IBM Security Verify.
This Release Notes contain information for the following products that was not available when the IBM Security Verify Governance Server manuals were printed:
The SDI-based IBM Security Verify Governance Adapter for IBM Security Verify is designed to reconcile users, groups and roles on IBM Security Verify. It also supports user management tasks such as account add, modify, suspend, restore and password change.
The adapter runs in "agentless" mode and communicates using HTTPS protocol.
The IBM Verify Governance Adapters are powerful tools that require Administrator Level authority. Adapters operate much like a human system administrator, managing users, groups and permissions. Operations requested from the IBM Security Verify Governance Server will fail if the Adapter is not given sufficient authority to perform the requested task. IBM recommends that this Adapter run with administrative permissions.
Review and agree to the terms of the IBM Security Verify Governance Adapter License prior to using this product.
The license can be viewed from the "license" folder included in the product package.
Adapter Version
|
Component |
Version |
|
Release Date |
2026 June 12 04.32.10 |
|
Adapter Version |
10.0.12 |
|
Component Versions |
Adapter build: 10.0.12.1 Profile: 10.0.12.1 Connector: 10.0.12.1 Dispatcher 7.0.39 or higher (packaged separately) |
|
Documentation |
The following guides are available in the IBM Knowledge Center
IBM Security Verify Adapter for IBM Security Verify Governance Installation and Configuration Guide |
New Features
|
Internal# |
Enhancement # (IDEA) |
Description |
|
|
|
Items included in current release (10.0.12) |
|
SVGAD-6457 |
ADAPT-I-251 |
Add support for External ID attribute |
|
SVGAD-6622 |
ADAPT-249 |
Certify the adapter for use with IBM Verify Directory Integrator version 11.x |
|
|
|
Items included in release (10.0.11) |
|
SVGAD-4336 |
ADAPT-174 |
Handled "User already exists" scenario as warning for smoother provisioning |
|
SVGAD-2224 |
ADAPT-161 |
Add support for Manager Attribute |
|
|
|
Items included in release (10.0.10) |
|
None |
||
|
|
|
Items included in release (10.0.9) |
|
SVGAD-1823 |
ADAPT-158 |
Certify the adapter for use with IBM Security Verify Directory Integrator version 10.0 |
|
|
|
Items included in release (10.0.8) |
|
None |
||
|
|
|
Items included in release (10.0.7) |
|
None |
||
|
|
|
Items included in release (10.0.6) |
|
None |
||
|
|
|
Items included in release (10.0.5) |
|
Internal/ADAPT-111 |
add bundledefinition.json to the profile |
|
|
|
|
Items included in release (10.0.4) |
|
None |
||
|
|
|
Items included in release (10.0.3) |
|
None |
||
|
|
|
Items included in release (10.0.2) |
|
None |
||
|
|
|
Items included in release (10.0.1) |
|
RTC 187867 |
RFE 145721 (63011) |
ISV Adapter should support multivalued CD attribute |
|
RTC 187868 |
|
Internal - Support large number of Application Role recon with IBM Security Verify Governance Adapter |
|
RTC 187869 |
|
Internal - Support large number of Group recon with IBM Security Verify Governance Adapter |
|
|
|
Items included in release (7.1.5) |
|
RTC 186980 |
|
Change adapter name to IBM adapter for IBM Security Verify in code, release notes, logs |
|
RTC 186660 |
RFE 142267 (61824) |
Update the CI Adapter code to NOT enforce email attribute as required |
|
RTC 186910 |
RFE 143020 (62083) |
Disable email notification to users when create/modify account in CI tenant. |
|
|
|
Items included in release (7.1.4) |
|
|
RTC 186135 |
Internal - Support large number of Users recon with Cloud Verify Adapter |
|
|
RTC 185179 |
Internal - Support other default attributes on Cloud Verify Adapter |
|
|
RTC 184337 |
Internal - Support Custom Attributes on Cloud Verify Adapter |
|
|
RTC 185434 |
Internal - Cloud Verify Adapter must support Roles |
|
|
|
Items included in 7.1.3 release |
|
|
|
None |
|
|
|
Items included in 7.1.2 release |
|
|
|
Initial release |
Closed Issues
|
Internal# |
APAR# |
Case # / Description |
|
|
|
Items included in current release (10.0.12) |
|
SVGAD-6285 Bug 4706 |
DT468022 TS021758226 |
Payload for federated user contains prohibited Notification schema when Realm ≠ cloudIdentityRealm in Verify SaaS Adapter |
|
SVGAD-6330 Bug 4709 |
DT473333 TS021922615 |
Adapter stuck after ~50 mins while doing recon. |
|
|
|
Items included in release (10.0.11) |
|
|
None |
|
|
|
|
Items included in release (10.0.10) |
|
SVGAD-1600 Bug 4253 |
ISV account modify request to add non-existing/bad group is success from adapter and not failure or warning in case of partial success for existing group |
|
|
SVGAD-3173 Bug 4422 |
DT398292 TS017266942 |
Add account request fails frequently on ISV service |
|
|
|
Items included in release (10.0.9) |
|
SVGAD-1743 Bug 4263 |
DT259220 TS015098764 |
ISV SaaS Adapter does not support Street Address and Locality standard attributes and sometimes sends null values for country and formatted address attributes causing 400 bad request error |
|
SVGAD-1713 Bug 4262 |
ISV adapter account modify success even when account does not exist on ISV side |
|
|
|
|
Items included in release (10.0.8) |
|
SVGAD-511 |
bundledefinition.json is packaged in the profile |
|
|
SVGAD-514 |
wrong version of thirdparty libary in bundledefinition.json and releasenotes |
|
|
SVGAD-389 Bug 4122 |
TS013151911 - Reconcilation taking long time from SaaS with ISIM |
|
|
SVGAD-1569 Bug 4248 |
DT255298 |
TS014831663 - Question about NPE failure in ISV adapter account modify |
|
|
|
Items included in release (10.0.7) |
|
SVGAD-199 Bug 4065 |
IJ46463 |
question about setup for handling preferredLanguage attribute from ISV side |
|
SVGAD-221 Bug 4076 |
IJ46575 |
issue with utf8 characters in attribute values sent to ISV from adapter |
|
SVGAD-108 RTC 191372 |
Internal - fix vulnerabilities that MEND scan reports |
|
|
SVGAD-109 RTC 191371 |
Internal - update libraries in adapter documentation guide and repository |
|
|
RTC 191276 |
Enhance the filtered reconciliations: add reconciliations based on the value of a specific attribute |
|
|
RTC 190837 |
ISV SaaS e-mail is mandatory but not in the account form |
|
|
|
|
Items included in release (10.0.6) |
|
RTC 190670 Bug 3884 |
TS008660227 / Client indicating ISV (Saas) does not update username via adapter |
|
|
|
|
Items included in release (10.0.5) |
|
RTC 190587 Bug 3819 |
TS009071328 / ISIM ISV Saas adapter reconciliation issues |
|
|
|
|
Items included in release (10.0.4) |
|
Bug 3718 |
TS007392203 / ISV - ISIM ISV SaaS Adapter reconciliation issues |
|
|
|
|
Items included in release (10.0.3) |
|
RTC 189830 Bug 3599 |
IJ34845 |
TS006261815 / ISV - ISIM Adapter gives an error while changing the password for ISV Service |
|
|
|
Items included in release (10.0.2) |
|
RTC 189275 Bug 3527 |
IJ33052 |
TS005627934 / ISIM ISV adapter does not update username on target |
|
|
|
Items included in release (10.0.1) |
|
RTC 187870 Bug 3364 |
|
TS004264922 / Not able to add multiple groups in single request from IBM Security Verify - Identity |
|
RTC 187933 Bug 3364 |
|
TS004264922 / Not able to add or remove some groups in case of large data from IBM Security Verify - Identity |
|
RTC 187872
|
|
Internal - IBM Security Verify adapter is not working properly with proxy server. |
|
|
|
Items included in release (7.1.5) |
|
|
|
None
|
|
|
|
Items closed in release (7.1.4) |
|
|
|
None |
|
|
|
Items closed in 7.1.3 release |
|
RTC 184997 |
|
Internal - Groups added while create account operation from ISIM are not visible on ISIM account form UI. |
|
|
|
Items closed in 7.1.2 release |
|
|
|
Initial release. |
Internal# |
APAR# |
Case # / Description |
|
N/A |
N/A |
For user filter recon, only userid is supported. Filters can be used in following formats: Ø (eruid=b), where b is the exact User Id to be matched. Ø (eruid=*b), where b is the ending string of User Id to be matched. Ø (eruid=b*), where b is the beginning string of User Id to be matched. Note: Filter in the form (eruid=*b*) cannot be used as its not supported by target. |
|
N/A |
N/A |
If customer change the service form to enable Email notification, they must make sure that email address is assigned to user. Otherwise it will not send email notification. |
|
N/A |
N/A |
Clear password is displayed in ibmdi.log if DEBUG logging enabled.
To avoid the issue, update the below property in TDI\V7.2\timsol\log4j.properties log4j.logger.org.apache.http=ERROR, Default Please refer the link Suppressing Password
Note: If it is in DEBUG level change to INFO level.
|
|
N/A |
N/A |
While creating Custom Attribute on CI tenant, even if Attribute is created with Number Data type, CI API can accept String as value. So, If Custom Attribute on IBM Security Verify - Identity is defined as Integer in schema.dsml , then value should be passed as Number.
There is API limitation that API can even accept the string as value for integer attribute.
On IBM Security Verify - Identity Account form (erTDICloudIDAccount.xml), validation for data types of custom Attributes can be added so that integer custom attribute will accept strictly number value only on IBM Security Verify - Identity account form.
|
|
N/A |
N/A |
While modifying user attributes for federated user, API returns 204 No Content success response. Therefore, adapter returns success to IBM Security Verify - Identity and operation is successful even though the attributes are not set on IBM Security Verify resource.
|
|
N/A |
N/A |
IBM Security Verify API does not return any error response while trying to connect with invalid resource URL and realm. Therefore, it accepts any value for URL and realm, but test connection will show success message on IBM Security Verify Governance or IBM Security Verify Governance Identity Manager regardless of the values for realm and URL.
|
Corrections to Installation Guide
No updates for the current release
No updates for the current release
No updates for the current release
No updates for the current release
No updates for the current release
No updates for the current release
No updates for the current release
Add below entry in Table 1. Supported Account attributes
|
erCloudIdentityExternalId |
External ID |
NO |
The IBM Security Verify Governance Adapters can be customized and/or extended. The type and method of this customization may vary from adapter to adapter.
Refer to the IBM Security Verify Governance Adapter Development and Customization Guide
Support for Customized Adapters
The integration to the IBM Security Verify Governance Server "the adapter framework" is supported. However, IBM does not support the customizations, scripts, or other modifications. If you experience a problem with a customized adapter, IBM Support may require the problem to be demonstrated on the GA version of the adapter before a case is opened.
Supported third-party client libraries:
Installation Platform
The IBM Security Verify Governance Adapter for IBM Security Verify was built and tested on the following product versions.
Adapter Installation Platform:
Earlier versions of SDI that are still supported may function properly, however
to resolve any communication errors, you must upgrade your SDI releases to the
officially supported versions by the adapters.
Managed Resource:
IBM Verify Identity Governance v11.0
IBM Security Verify Governance Identity Manager v10.0.x*
IBM Security Verify Governance v10.0.x
* Unless this document specifies a specific fix pack version of ISVG Identity Manager v10, we expect the adapter to work with ISIM6 as well. However, it will only be debugged and fixed from the perspective of ISVG-IM v10.
This information was developed for products and services
offered in the U.S.A. IBM may not offer the products, services, or features
discussed in this document in other countries. Consult your local IBM
representative for information on the products and services currently available
in your area. Any reference to an IBM product, program, or service is not
intended to state or imply that only that IBM product, program, or service may
be used. Any functionally equivalent product, program, or service that does not
infringe any IBM intellectual property right may be used instead. However, it
is the user's responsibility to evaluate and verify the operation of any
non-IBM product, program, or service.
IBM may have patents or pending patent applications covering subject matter
described in this document. The furnishing of this document does not give you
any license to these patents. You can send license inquiries, in writing, to:
IBM
Director of Licensing
IBM Corporation
North Castle Drive
Armonk, NY 10504-1785 U.S.A.
For license inquiries regarding double-byte (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to:
Intellectual
Property Licensing
Legal and Intellectual Property Law
IBM Japan, Ltd.
1623-14, Shimotsuruma, Yamato-shi
Kanagawa 242-8502 Japan
This information could include
technical inaccuracies or typographical errors. Changes are periodically made
to the information herein; these changes will be incorporated in new editions
of the publication. IBM may make improvements and/or changes in the product(s)
and/or the program(s) described in this publication at any time without notice.
Any references in this information to non-IBM Web sites are provided for
convenience only and do not in any manner serve as an endorsement of those Web
sites. The materials at those Web sites are not part of the materials for this
IBM product and use of those Web sites is at your own risk.
IBM may use or distribute any of the information you supply in any way it
believes appropriate without incurring any obligation to you.
Licensees of this program who wish to have information about it for the purpose
of enabling: (i) the exchange of information between independently created
programs and other programs (including this one) and (ii) the mutual use of the
information which has been exchanged should contact:
IBM
Corporation
2ZA4/101
11400 Burnet Road
Austin, TX 78758 U.S.A.
Such information may be available, subject to appropriate
terms and conditions, including in some cases, payment of a fee.
The licensed program described in this information and all licensed material
available for it are provided by IBM under terms of the IBM Customer Agreement,
IBM International Program License Agreement, or any equivalent agreement
between us.
Any performance data contained herein was determined in a controlled
environment. Therefore, the results obtained in other operating environments
may vary significantly. Some measurements may have been made on
development-level systems and there is no guarantee that these measurements
will be the same on generally available systems. Furthermore, some measurements
may have been estimated through extrapolation. Actual results may vary. Users
of this document should verify the applicable data for their specific
environment.
Information concerning non-IBM products was obtained from the suppliers of
those products, their published announcements or other publicly available
sources. IBM has not tested those products and cannot confirm the accuracy of
performance, compatibility or any other claims related to non-IBM products.
Questions on the capabilities of non-IBM products should be addressed to the
suppliers of those products.
Trademarks
IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of
International Business Machines Corp., registered in many jurisdictions
worldwide. Other product and service names might be trademarks of IBM or other
companies. A current list of IBM trademarks is available on the Web at
"Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Microsoft, Windows, and the Windows logo are trademarks of Microsoft
Corporation in the United States, other countries, or both.
Java and all Java-based trademarks and logos are trademarks or registered
trademarks of Oracle and/or its affiliates.