Achieving OpenID Connect Provider conformance with IBM Security Verify Access

ISAM supports the OpenID Connect protocol. IBM Security Verify Access acts as both the OpenID Provider and the Relying Party.

This topic provides the information required to be performed on IBM Security Verify Access for it to be conformant as an OpenID Connect Provider.

Most of the scenarios are conformant Out-of-the-box. However there are some scenarios where access policies and mapping rule can be used.

These artifacts required to achieve conformance with IBM Security Verify Access are placed in a compressed file under System > File Downloads > Federation > examples. In the examples folder, download oidc_op_conformance.zip and extract its contents. The oidc_op_conformance.zip contains the following files:

There are comments specified in the files listed above that explains in detail about the scenario that is achieved for OIDC Conformance.

The files also contain “OIDC Conformance-Example" which indicates a snippet of code to be added to achieve a certain scenario for conformance.

To achieve conformance on an existing IBM Security Verify Access setup, copy the snippets of AccessPolicy, Mapping Rule, and create the necessary STS chains.


Parent topic: Conformance