Identity and Access Management App Exchange
IBM X-Force Exchange is a threat intelligence sharing platform that you can use to research security threats, to aggregate intelligence, and to collaborate with peers. The IAM App Exchange within this platform provides a channel for sharing application specific extensions that provide integrated value on top of IBM Security offerings. Via the IAM App Exchange, customers of IBM and our business partners can strengthen their offerings through seamless integration of third party authentication mechanisms.
Below are the steps for getting set up, developing your application, and getting it validated for upload to the IAM App Exchange.
1. Get set up
- Obtain an IBM ID
- Join Partnerworld: Create a new Company registration OR join your company’s existing Partnerworld membership
- Request Access to the IBM Security App Exchange Submission Portal: The person responsible for the submission to the IBM Security App Exchange, will need to be granted permission to the Submission Portal. Please send an email to IAMAppX@wwpdl.vnet.ibm.com requesting access to the Submission Portal and provide your IBM ID
2. Developing your App Exchange Extensions
- IBM Security Access Manager offers InfoMap as a flexible way to write custom authentication mechanisms. For additional documentation on integrating with Infomap: IAM App Exchange Infomap Integration
3. Submit solution for validation
- Create a Global Solutions Directory Entry: Once a solution is validated the solution will show up in the IBM Security Solutions Catalog as well as the IBM Security App Exchange.
- Nominate Solution: Nominate the solution for the Ready for IBM Security Validation.
- Get Access to Product Image for Dev/Test/Support: If you do not have access to IBM Software through the Software Access Catalog, you can request access to an ISAM image for dev/test and support by sending an email to IAMAppX@wwpdl.vnet.ibm.com and provide your IBM ID. Upon approval of your request, you will be added to a partner community and given a unique key in order to download the ISAM software.
4. Complete your validation testing
- After reviewing documentation above, the technology partner will complete an architectural review of the integration with IBM. To request this meeting please send an email to IAMAppX@wwpdl.vnet.ibm.com requesting the meeting. The purpose of the review is to identify possible stumbling blocks in the plan early and confirm that the integration method InfoMap vs. EAI is appropriate.
- Technology Partner submits the App and all required supporting materials and information using the App Exchange submission portal (See Figure 1). For a preview of the submission portal screen follow this link: IAM AppX Submission Screens.
- Technology partner includes java script file, HTML templates and an example authentication policy using for using the integrated mechanism for authentication
- Technology partner submits marketing artifacts required for IBM Security App Exchange listing.
- Integration Factory validation includes:
- Code scan with AppScan
- High level implementation review
- Web meeting demonstration by the authentication vendor of the authentication mechanism working with ISAM