IBM Security Verify

Shape the future of IBM Security Verify

We invite you to shape the future of IBM, including the product roadmap, by submitting ideas that matter to you the most.

Here's how it works:

Post your ideas

Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and upvote them if they matter to you,

  1. Post an idea

  2. Upvote ideas that matter most to you

  3. Get feedback from the IBM team to refine your idea

Submit a private idea

If you have confidential information or customer data to share with your idea, then - DO NOT submit using the link below, instead - please open a private feature request.

And finally - if its an issue with expected behaviour, a product defect or a support need, open a Support Case

Ability for user to view and revoke their Devices and ID/Access tokens registered to various Applications

Users should have the ability to view AND revoke ID/Access Tokens that are granted to their account and/or the devices that are logged into their account (i.e., on which the token was granted) to various applications. This would provide users with additional self-service security as users would then be able to revoke tokens/devices in cases of compromised applications, devices, etc.

This should of course be scoped so that users can only view and revoke their own tokens/devices.

  • Guest
  • Jul 5 2019
  • Functionality already exists
  • Guest commented
    24 Jul, 2019 08:11pm

    To clarify, we do support Grant management in production today, however via the self care, it is not currently shown. We do have an item in the backlog to support this. I'll mark this as duplicate. You can find the documentation here for Grant management:

  • Guest commented
    16 Jul, 2019 06:01pm

    Hello Adam. Could you please provide an update or response to the inquiry? I continue to only see consent management in the URL that you reference, and no options to view or revoke any access tokens.  

  • Guest commented
    9 Jul, 2019 04:04pm

    Hi Adam. I do not believe this is the case as I do not see user access tokens/devices at that URL for our tenant. Instead, I do see user consent management (i.e. permissions granted to specific applications) there. I can confirm that I acquired an access token for my account and I do not see it appearing under this link/tab. Is this a feature IBM just rolled out that has not propagated to all tenants yet? Could you please confirm that IBM supports allowing users to manage their user access tokens/devices at this link? Thank you.

  • Guest commented
    9 Jul, 2019 02:05am

    We currently support managing user access tokens that have been granted to their account via the URL. This would include devices as well that have been granted an access token.

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.