IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

ISIM - ISAM SSO Integration and Forgot Password Functionality

  • 1.  ISIM - ISAM SSO Integration and Forgot Password Functionality

    Posted Thu December 10, 2020 07:53 AM
    Hi All,

    I have a question on configuring forgot password functionality with ISIM-ISAM SSO.

    Here is the quick background of the environment:
    1. Active Directory is configured as a federated registry with ISAM.
    2. Same Active Directory is being managed by ISIM and Password Sync is enabled in ISIM.
    3. ISIM-ISAM SSO has been configured with standard info center steps and it's working fine.

    Now, I want to enable the forgot password functionality using the ISC forgot password which is based on ISIM KBA.

    To do so, I want to customize the ISAM login page to put the ISC Forgot Password link on the page. Additionally, I don't want end-user to go to ISC directly and all traffic should be via WebSEAL only(i.e. via /itim/ui junction). In this way, there is no need to expose the ISC URL publically.

    The issue that I am facing is that ISC forgot password page is not independent so I can directly attach the unauth ACL. Instead, it is using the same ISC login page with the login id provided and then click on the Forgotten Password link.

    So How I can make forgot password available for the unauthenticated user via WebSEAL and also making sure that ISC SSO is not impacted? 

    I have seen forgot password functionality was working with older versions but never configured it on my own.
     
    Can you please help me with this?

    ------------------------------
    Prashant Narkhede
    ------------------------------