Connect to IBM Security Verify Access

Step 1 – Create an IBM Security Verify Access account store

1. On the navbar, expand Admin > Applications and Directories and select Account Stores and Systems.

2. On the Account Stores page, select the Actions tab and then click Create Account Store.
   
   

    

3. Under System Types, search for IBM Security.

4. Click the IBM Security Verify Access record to select the type and then click Submit.
   
   

   Open

   

   
   This opens the IBM Security Verify Access Settings form, which is where you enter information that allows EmpowerID to connect to the system.
   
   

   Open

   

    

5. On the IBM Security Verify Access Settings form, fill in the following information according to your authentication scenario:

EmpowerID creates the account store and the associated resource system. The next step is to verify the resource system parameters.

Step 2 – Verify Resource System Configuration Parameters

1. On the navbar, expand Admin > Applications and Directories and select Account Stores and Systems.

2. On the Find Account Store page, select the Account Stores tab and search for the IBM Security Verify Access account store you just created.

3. Click the Account Store link for the account store.
   
   

   
   This directs you to the Account Store and Resource System page for the account store. This page contains several tabs related to the account store that you can access to view and manage the account store and resource system.
   
   

    

4. Select the Resource System tab and then expand the Configuration Parameters accordion on the page.
   
   

    

5. Verify the following parameters are correct for your system:
   

6. To edit the value of a parameter, click the Edit button for the parameter you want edit.
   
   

    

7. Enter the new value in the Value field and click Save.

8. Repeat as needed.

The next step is to configure attribute flow.

Step 3 – Configure Attribute Flow

Now that the attribute flow has been set, you can configure the mapping between the SCIM microservice attribute and the EmpowerID account/group/OU table attribute if needed. Please follow the steps below if this is the case. the next steps include configuring the account store and enabling EmpowerID to inventory it.

Step 4 – Schema Mapping (Optional)

1. On the navbar, expand Admin > Applications and Directories and select Manage Schema.

2. Select the Security Boundary Object Attributes tab and search for user as Object Type ID and IBMTAMScim as Security Boundary Type.
   
   

    

3. Click the Edit button beside the Security Boundary Object Attribute you want to modify.
   
   

    

4. Change the RBACObject Attribute you want to use in the mapping and save your change.
   
   

    

5. Repeat for each mapping you want to change.

Step 4 – Configure account store settings

1. On the Account Store and Resource System page, select the Account Store tab and then click the pencil icon to put the account store in edit mode.
   
   

   
   This opens the edit page for the account store. This page allows you to specify the account proxy used to connect EmpowerID to your IBM Security Verify Access system as well as how you want EmpowerID to handle the user information it discovers during inventory. Settings that can be edited are described in the table below the image.
   
   

   
   

   
   
   

2. Edit the account store as needed and then click Save to save your changes.