Orchestration guides

IBM Security Verify SaaS offers various user flows, such as user registration, password recovery, and more, that can be configured within minutes and published. However, IAM requirements can often be more complex, and this level of customization may prove insufficient. Use the Flow designer to address such needs.

Orchestration covers the concepts and capabilities that are offered by Verify. This article introduces several guides to learn about this capability and to also import common flows to your tenant.


You may ask to enable certain capabilities on your tenant to unlock the full power of orchestration with Verify. These are listed here:

  • Adaptive access: Offers risk evaluation using AI and machine learning models that combine device characteristics, user behavior and more to compute a risk level.
  • Flow designer: Presents a canvas for a user to author customized flows beyond point-and-click orchestration options.


Several guides are available as sub-topics and you can view them at a glance here.

"Hello world"

"Hello world" flows are used to learn more about the capabilities and tools available. They should not be deployed into a production environment.

Login with usernameUse an existing username to authenticate to the Verify tenant.

User journey flows

Identity source routingAuthenticationUse server-side rules to redirect a user to the appropriate identity provider.
Passkey auto-complete with identifier-first authenticationAuthenticationUse registered passkeys to authenticate through the username auto-complete prompt.
Multi-step user registrationRegistrationBuild a multi-step user registration flow.

Adding flows to your tenant

The guides available as sub-topics contain instructions to add specific flows to your tenant. This provides a starting point for common flows. However, you may need to make some changes as described in each guide after you import the flow.

Associated assets

The associated assets, such as custom pages, flow model and any scripts, are available in the IBM Security Verify SaaS Resources repository. You will be expected to download the contents of this GitHub repository to your local machine. This folder you choose is referenced in the guides as $GIT_REPO.

There are two methods possible as described below.

Cloning the GitHub repository

You can use any Git client for this purpose and clone the repository to a local folder. For the purposes of this article, the commands are provided
here that can be run in a terminal. For Windows machines, this may need to be adjusted.

$ user@machine ~ $ echo "Choose any parent folder in your machine and change to it" && mkdir -p ~/workspaces && cd ~/workspaces
Choose any parent folder in your machine and change to it
$ user@machine workspaces $ git clone https://github.com/IBM-Security/verify-saas-resources.git && ls

$GIT_REPO is the "verify-saas-resources" folder.



You can use a GUI interface or any other method of cloning the GitHub repository to your machine. Also, if you have a valid SSH key, you may use SSH to clone the repository.

Downloading a zip

You may download the repository contents as a zip file and extract it in your machine. However, this is not recommended because it makes it harder to update the contents downloaded to your machine. With the Git client, partial updates can be pulled down more easily.

The steps to follow here are as below:

  1. Open a browser and go to the IBM Security Verify SaaS Resources repository.

  2. Download the source code as a zip and unzip to a source location. The $GIT_REPO is the "verify-saas-resources-main" folder.