Change password
Display current provider rules, verify the user, submit the change, and return the authoritative provider result.
Employees can manage the identity actions their company approves while the server applies provider policy, step up verification, tenant capability rules, audit evidence, and truthful result handling.
Display current provider rules, verify the user, submit the change, and return the authoritative provider result.
Use approved verification and recovery paths without putting provider secrets or service credentials in the mobile app.
Allow only company approved attributes. Phone changes can require OTP verification before persistence.
Show supported factors and allow approved enrollment, disable, or removal actions when provider APIs permit them.
Attempt a live unlock and confirm the resulting directory state, even when cached status previously appeared healthy.
Route assigned recovery approvals to authorized managers with a clear action history and without exposing secrets.
Present recent identity and security activity that the server is authorized to associate with the signed in user.
Show supported device information and health signals without turning missing provider data into a false failure.
Display a locally cached image immediately and refresh it through a separate background process outside the main sync.
Manage uses tenant capability information so the screen reflects what each company supports. Cached capability state is shown immediately and can refresh silently. Navigating away from the screen should not disable an allowed function.
Identity providers and directories can apply an action before the response reaches the app. MYID can follow a delayed result with a status confirmation and can distinguish success, pending, provider failure, policy denial, and unavailable evidence.
IBM reports that Askari Bank worked with SPS to implement self service password reset and IBM Verify. Published results include a 75 percent reduction in help desk time for password issues and 80 percent staff adoption.
That outcome belongs to the documented deployment and is not a guarantee for another customer.
Customers should validate real provider permissions, a locked and already unlocked directory account, password rules, factor behavior, profile field policy, support routes, audit evidence, timeout recovery, and rollback before production approval.