IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  ISAM - IGI Password Callout Configuration

    Posted Fri May 07, 2021 02:22 PM
    Hi,

    I'm trying to configure the ISAM - IGI password Callout to configure the the password sync, I'm using the IBM guide to fulfill this requirement, but after the configuration and restart the WebSEAL instance i try to make a password change via the /pkmspasswd form and notice that every time y send the change to the form the WebSEAL instance is restarted, am I missing something on my configuration???

    [password-callouts]
    proxy =
    authentication-endpoint = https://<igi-host>:<igi-post>/igi/v2/security/token
    authentication-static-header = realm:ADMIN
    client-id = ***********
    search-endpoint = https://<igi-host>:<igi-post>/igi/v2/agc/users/accounts/.search
    search-filter = urn:ibm:params:scim:schemas:resource:bean:agc:2.0:Account:code eq "{username}" and urn:ibm:params:scim:schemas:resource:bean:agc:2.0:Account:pwdcfg_name eq "Verify Access"
    pre-update-endpoint = https://<igi-host>:<igi-post>/igi/v2/agc/users/accounts/PasswordValidateRequests
    pre-update-user-prefix = /Users/accounts/
    post-update-endpoint = https://<igi-host>:<igi-post>/igi/v2/agc/users/accounts/
    static-header = realm:IDEAS
    static-header = password-callout:true
    client-secret = ***********

    ------------------------------
    Gabriel Labarrera
    ------------------------------


  • 2.  RE: ISAM - IGI Password Callout Configuration

    Posted Mon May 10, 2021 04:36 AM
    Hi Gabriel,

    The WebSEAL instance shouldn't restart - I suggest you open a support ticket.

    Jon.

    ------------------------------
    Jon Harry
    Consulting IT Security Specialist
    IBM
    ------------------------------

    Original Message


Related Content