IBM Security Access Manager v2 Connector

The IBM® Security Access Manager v2 Connector enables you to provision and manage IBM Security Access Manager users and groups by using the IBM Security Access Manager Registry Direct API.

The IBM Security Access Manager Registry Direct API directly accesses the underlying Security Access Manager registry rather than through authorization servers or policy servers. It also provides access to most of the underlying registry user attributes and the attributes available through the traditional IBM Security Access Manager Java™ API. This API provides attribute read-only Global Sign On (Single Sign On resource credential) support. It does not create, enable, disable, or delete the users that are enabled for Global Sign On.

The IBM Security Access Manager v2 Connector uses the access method that is provided through the Registry Direct API.

This API:

removes the dependency on the policy server, a single point of failure.
provides access to more attributes.
improves performance and scalability.

The IBM Security Access Manager v2 Connector supports managing users and groups in the following modes:

Iterator
AddOnly
Update
Lookup
Delete

Note: The IBM Security Access Manager v2 Connector does not support adding, modifying, or deleting global sign-on users. These users can only be read by using Iterator or Lookup mode. To add, modify, or delete global sign-on users, use the IBM Security Access Manager Connector.