The IBM Security Verify Access OIDC Provider (ISVAOP) provides a containerized OIDC Provider which is designed to keep up with the latest OAuth and OIDC standards and comply with the latest conformance and specification standards, particularly Open Banking/FAPI.

Defining the Environment

At a high level, when starting the ISVAOP container you need to define:

  1. The provider configuration that defines defaults and grant flows.
  2. The storage layer configuration, including the choice of using a distributed session cache either in the form of the runtime database (HVDB) or Redis.
  3. The client level configuration and authentication methods.
  4. Any attribute sources.


The specific documentation which will assist in getting you started includes: