IBM Security Verify
BlokSec can be configured as an inbound federation identity provider (a.k.a. social provider) for your IBM Security Verify tenant, and can also be configured to enable mapping of users with in the IBM Admin console. The following article describes the process to configure authentication .
The BlokSec ↔️ IBM Security Verify integration enables authentication via the SAML protocol. Configuration involves a few simple steps on both the BlokSec admin UI and the IBM Security Verify console.
BlokSec Admin UI
-
Sign into BlokSec admin UI as a user with admin privileges for your tenant
-
On the main dashboard, click the Add Application drop-down and select Create From Template and select IBM Security Verify
-
Complete the application details as follows and submit:
-
Name: IBM Verify (or your desired application name – we will assume this is called ‘IBM Verify’ for the remainder of this article)
-
SSO Type: OpenID Connect
-
Redirect URIs: (leave blank for now)
-
Post Logout Redirect URIs: (leave blank for now)
-
-
Once saved, click back into the newly created ‘IBM Verify’ application to open the application configuration
-
Click Generate App Secret, then make note of the Application ID and Application Secret as these will be required when registering your application with IBM Verify
IBM Verify Console
-
Sign into the IBM Security Verify admin console as a user with admin privileges for your tenant
-
Navigate to Configurtion > Identity Sources
-
Click the Add Identity Source button and choose SAML Enterprise from the dropdown menu
-
Complete the identity provider configuration with the following values (adjusting if required to meet your desired behaviour):
-
General Settings
-
Name: BlokSec yuID Passwordless (or the name of your choice)
-
Realm: bloksec
-
-
From Identity Provider
-
The SAML Single SignOn Flow initiated by: select Service Provider
-
Upload the XML metadata exported from the BlokSec Admin console
-
-
To Identity Provider
-
Select download link to save the metadata file from IBM Security Verify
-
Copy the Entity ID URI
-
Copy the Assertion Consumer Service URI
-
-
Save the configuration
-
BlokSec Admin UI (Part 2)
-
Return to the IBM Security Verify application configuration, click the 'gear' in the upper-right, and select **Edit Application **
-
Input the Entity ID as defined by IBM Security Verify in step 4 above
-
Input the **Assertion Consumer Service **as defined by IBM Security Verify in step 4 above
-
Select / check Request Signed and copy the X509Certificate value from the IBM Security Verify metadata XML downloaded in step 4 above (screen capture below of the X509 value)
- Select sbumit to save changes