There is no excerpt because this is a protected post.
My friend Leo has just posted details on how to make use of the OAuth provisioning APIs exposed via Infomap, you can take a look at the details here: https://www.ibm.com/blogs/security-identity-access/2018/06/oauth-building-developer-portal/ This is one of the best things you can do to enable your ISAM infrastructure to be easily consumed by your organizations developers. They can... Continue Reading →
Its not immediately obvious, and commonly misconstrued as an problem of disappearing tokens, but the OAuth grants in ISAM have a "Maximum" Grant lifetime, as opposed to an inactivity in a default API Definition. This means that when you request a Token - say via ROPC and you are using the default settings of an... Continue Reading →
In ISAM 22.214.171.124 the OIDC relying party was completely rewritten for increased flexibility. This has made it much easier to add support for Facebook Login into an ISAM Reverse Proxy instance. Here are the steps I've taken to authenticate into ISAM with Facebook. Pre-Conditions: ISAM 126.96.36.199 - Preconfigured Standard WebSEAL reverse Proxy with default configuration.... Continue Reading →
In order to clean up the instantiation URLs generated by the authentication service, you can use a ISAM HTTP transformation rule. I've just completed two examples of this. Remove PolicyId static prefix: This transformation removes the need to have a long static prefix at the beginning of the URL query string parameter you call to... Continue Reading →
A number of customers like to use various alias's to authenticate into ISAM, up until recently, the primary way of achieving this, is via a Custom EAI, or some elaborate LDAP hackery. Infomap, and the UserHelper capabilities, makes this a much easier affair. Here is an example, where we use the infomap to authenticate based... Continue Reading →