IBM Security Mobile Access SDK

Coinciding with the ISAM 9.0.2 release, we released version 1.2 of the IBM Mobile Security SDK for Android and iOS. ISAM SDK offers a platform library to: Authenticate users against ISAM with OAuth Works with OAuth for ISAM onwards. Strong authentication Support Generate Soft Token One Time Passwords Time based OTP and Counter based... Continue Reading →

ISAM AAC OAuth Session Endpoint

ISAM Advanced Access Control has a mechanism that allows a developer to convert an authenticated/valid OAuth Access token, into an authenticated ISAM session, that is using a cookie. There are two useful scenarios that this endpoint comes in handy: Hybrid Apps Where an OAuth authenticated native application wants to open a WebView, that is authenticated... Continue Reading →

Using Basic Users with OAuth-Auth and ROPC

In my research I have found that it is possible to use Basic Users with the ISAM OAuth-Auth capabilities. (ISAM Basic users are users that have NOT been imported into the ISAM registry.) However it seems there is currently a limitation in the OOTB authentication mechanism isAuthenticated = PluginUtils.isValidUsernamePassword(username, password); I've talked about how this... Continue Reading →

OAuth Authorization

When using ISAM in OAuth patterns, there are a number of ways you can do authorization based on OAuth scopes. In general, at last check, there are three main ways of Authorizing OAuth requests based on their scope. (or other attributes associated with the tokens). The mechanisms available are dependent on which OAuth validation mechanism... Continue Reading →

Up ↑