What's New

IBM Security Verify Access OIDC Provider is a new cloud native OIDC provider. The topic introduces new features and other information that is specific to the current release for IBM Security Verify Access OIDC Provider.

Version 22.09

• Client-Initiated Backchannel Authentication (CIBA)
• Pushed Authorization Requests (PAR)
• Preview - OAuth 2.0 Demonstrating Proof-of-Possession (DPoP)

Version 22.12

• JWT Secured Authorization Response Mode for OAuth 2.0 (JARM)
• OAuth 2.0 Demonstrating Proof-of-Possession (DPoP)
• Support for Oracle Database

Version 23.03

• Support for IBM Db2 Database
• Support for Kubernetes Secrets and ConfigMaps, YAML based configuration

Version 23.12

• OAuth 2.0 Token Exchange
• OpenID Connect Native SSO for Mobile Apps
• Mapping rule simulator (runjs)
• JavaScript helper function to call an existing ISVA STS chain
• Support for Oracle 23c and Postgres 15

Version 24.04

• Support for JWT Bearer Authorization Grant
• Support for OAuth 2.0 Device Authorization Grant
• Support for protecting the IBM Security Verify Access OIDC Provider runtime using Mutual TLS
• Support for monitoring using Instana and Dynatrace
• Defect fixes and Improvements
  • Revoke endpoint fixes.
  • DB schema update to increase column size for OAUTH20_TOKEN_EXTRA_ATTRIBUTE table ATTR_VALUE to 1024.
  • RedHat OpenShift Service account fix to not require anyuid role.

Version 24.06

• Defect fixes and Improvements
  • OAuthExtUtils associate() utility fix.
  • OAuthExtUtils throwException fix.
  • Import mapping rule.

Version 24.08

• Pre-authentication access policy.
• Update token lifetime mapping rule utility.
• Grant management mapping rule utility.
• Signing Helper mapping rule utility.
• Defect fixes and Improvements
  • Time skew configuration.

Version 24.10

• Support for hashing utility at mapping rule.
• Defect fixes
  • LDAP error message