OAuth and OIDC

OpenID Connect
OpenID Connect API v2

Users & Groups

Account expiration configuration
- Retrieve the global configuration for attribute mapping that can be overridden in individual identity providers.get
- Set the account expiration config.put
Password Policy Management 2.0
- Deprecated - Get the password policy for a specified tenant.get
- Deprecated - Update the password policy for a specified tenant.put
Dictionary Policy Management 3.0
Password Dictionary Management 3.0
Password Policy Management 3.0
Users Management Version 2.0
Groups Management Version 2.0
User Self Care API

Attribute management

Attributes

Application management

Application Access
Entitlement Management

Authentication

Identity Source Types
Authentication Token Exchange
- Exchange a valid bearer token for an authenticated browser sessionget
- Exchange a valid bearer token for an authenticated browser sessionpost
Authentication Manage User Sessions
Social JWT Exchange
- Exchange a valid social JWT for an IBM Security Verify access token.post
FIDO Configuration
QR Code Login Configuration
- Retrieve the QR code login configuration.get
- Update the QR code login configuration.put
reCAPTCHA
FIDO
QR Code Login
Password Authentication

Multi-factor authentication

Authentication Factors 2.0
Email One-time Password 2.0
One-time Password
Knowledge Questions
SMS One-time Password 2.0
Time-based One-time Password 2.0
Voice One-time Password
Authenticators
Signature Authentication

Federation

Identity Provider Attribute Mappings
- Retrieve the global configuration for attribute mapping that can be overridden in individual identity providers.get
- Set the global attribute mappings for identity sources.put
OpenID Connect Grant Management
OpenID Connect Dynamic Client Profile
- Read dynamic client profile.get
- Update dynamic client profile.put
OpenID Connect Federation
- Retrieves the OpenID Connect federation configuration.get
- Updates the OpenID Connect federation configuration.put
SAML 2.0 Alias Management
SAML 2.0 Federations Management
WS Federation Management
- Enable WS-Federation audit trace for the tenantpost
- Enable WS-Federation audit tracepost

Access & Risk Policies

Access Policy Management V5.0

Branding & customization

Template File Registration
Customization - Themes

Lifecycle & Governance

Account Lifecycle
Adapter Management
Provisioning Management
Access Request Management V1.0

Identity agents

Agent Bridge Support Service

Data privacy & consent

External Consent Providers
Data Privacy and Consent Management
Data Privacy and Consent

Event analytics & reports

Events
- Get all events for a tenant.get
Reports

Authentication Configuration

Email One-time Password Configuration 2.0
- Retrieve the email one-time password configuration.get
- Update the email one-time password configuration.put
One-time Password Configuration 2.0
- Retrieve the one-time password configuration.get
- Update the one-time password configuration.put
Knowledge Questions Configuration
SMS One-time Password Configuration 2.0
- Retrieve the SMS one-time password configuration.get
- Update the SMS one-time password configuration.put
Time-based One-time Password Configuration 2.0
- Retrieve the time-based one-time password configuration.get
- Update the time-based one-time password configuration.put
Voice One-time Password Configuration
- Retrieve the voice one-time password configuration.get
- Update the voice one-time password configuration.put
Authenticator Clients
Signature Authentication Configuration

General configuration

Email Domain Authentication
API Clients
Session Exchange Configuration
- Retrieve the configuration for session exchange.get
- Set the session exchange config.put
Tenant Properties API 2.0
- Retrieves a list of tenant properties for the specified tenant.get
- Replaces the tenant properties for the specified tenant.put
Admin Entitlement Management
Certificates
Push Credentials Management
Email Suppression List Management
- Check if the email address is in the email suppression listget
- Delete an email address from the email suppression listdel

Password Vault

Password Vault Configuration
- Retrieve the password vault configuration.get
- Update the password vault configuration.put
Password Vault

Deprecated APIs

Deprecated - Preview the value that would be computed for this attribute.post
Access Policy Management v3.0 (deprecated)
OpenID Connect Consent Management (deprecated)

IBM Security Verify API

Dynamic group management
User management
- Get all the active dynamic groups for a userget
- Reevaluate user's dynamic grouppatch
Deprecated - Attribute Evaluation. Replaced by /v2.0/attributequery.
Tenant policy configuration
- Retrieve the configuration for first factor policy. This is a list of policy Id, but only one policy is currently supportedget
- Set the configuration for first factor policy. This is a list of policy Id, but only one policy is currently supportedput
Identity Sources V1 - Deprecated
Identity Sources V2
Certification Campaign assignments v2.0
Certification Campaign configurations v2.0
Certification Campaign instances v2.0
Certification Campaign statistics v2.0
Certification Campaign assignments v1.0 - Deprecated
Certification Campaign configurations v1.0 - Deprecated
Certification Campaign instances v1.0 - Deprecated
Certification Campaign statistics v1.0 - Deprecated
FIDO MDS Configuration
External MFA Providers
Well-Known Uniform Resource Identifiers
Access Management
Entitlement Management V2
Device manager configuration
Smartcard and other X.509 certificate provider configuration
Smartcard or certificate provider operations
- Remove smartcard/X.509 certificate provider certificates for a specified user id.del
Query Logs
- Retrieves the trace logspost
OpenID Connect Security Token Service Clients
OpenID Connect Token Types
OpenID Connect Client Secret Rotation
SAML 2.0 SP Alias Management
Threat Insights Configurations API
Webhook-Configuration
Flow management

Update the editable attributes of a specific authenticator client.

put

https://{tenanturl}/v1.0/authenticators/clients/{id}

Update the editable attributes of a specific authenticator client for IBM Verify instances or custom mobile authenticators that are built from the IBM Verify SDK.

Entitlements:
- manageAuthenticatorsConfig (Manage authenticator configuration)

Recent Requests

Time	Status	User Agent
Retrieving recent requests…

Loading…

Path Params

string

required

The authenticator client identifier.

Body Params

A JSON payload that specifies the authenticator client data.

An authenticator client which is valid for runtime flows supporting registrations.

name

string

required

The display name of the client

enabled

boolean

required

Whether the client is enabled for runtime use

accessTokenLifetime

int32

required

The length of time, in seconds, an access token will be valid

refreshTokenLifetime

int32

required

The length of time, in seconds, a refresh token will be valid

authorizationCodeLifetime

int32

required

The length of time, in seconds, an authorization code will be valid

Responses

204

The update was successful.

Updated over 2 years ago

Language

URL

Loading…

Response

Choose an example:

application/json

Updated over 2 years ago

400The request cannot be processed because the request body contains improperly structured JSON

401The unauthenticated user does not have the permissions to perform the requested operation

403The authenticated user does not have the permissions to perform the requested operation

404The resource cannot be found

409The request could not be processed due to a conflict