IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Verify SaaS: Monitor scripts may be affected by change in concurrent session limits (Oct 7, 2021)

  • 1.  Verify SaaS: Monitor scripts may be affected by change in concurrent session limits (Oct 7, 2021)

    Posted Tue September 07, 2021 07:58 AM
    Edited by Jon Harry Tue September 07, 2021 08:45 AM
    Hi All,

    A quick notification.  From the 7th October 2021, IBM Security Verify SaaS will enforce a limit on the number of concurrent sessions for a single user ID.

    This limit is high and unlikely to impact any real users.  However, if you are running synthetic transactions as part of monitoring, you may hit this limit if you have scripts that perform a login but do not perform a logout.  For example, if a large number of logins are performed as the same user ID in quick succession (i.e. before the session inactivity timer discards them) this limit will be enforced.  This could cause your monitoring scripts to incorrectly indicate that your Verify SaaS tenant is not available.

    To prevent concurrent logins from hitting the new limit, you should add a request to the following URL at the end of any synthetic transaction that performs a login:  https://{{tenant}}/idaas/mtfim/sps/idaas/logout.

    This will terminate the session so that it is no longer counted against the concurrent session limit for the user ID.

    If the concurrent session limit is reached, this is the error message that will be returned after successful authentication:
    You are already logged in to the maximum number of sessions allowed.
    Jon.


    ------------------------------
    Jon Harry
    Consulting IT Security Specialist
    IBM
    ------------------------------