New capabilities recently launched in IBM Cloud App ID
App ID lets you add different types of user authentication to your mobile and web apps. For consumer apps, users can sign up through your app and then log in with the credentials that they set, or use social login (e.g., Facebook and Google). For employee apps, employees can log in to your app with enterprise credentials via SAML 2.0 federation. For all types of apps, App ID lets you create user profiles so you can create personalized app experiences.
We’ve broadened App ID capabilities so you can give users more ways to sign up and sign in and enrich user profiles further.
Cloud Directory enhancements
Cloud Directory is App ID’s fully managed secure and scalable user registry. You can let users sign up and then sign in to your apps without setting up and maintaining infrastructure to manage users or working to comply with privacy standards like GDPR.
In addition to letting users sign up with an email/password, we’ve added support in App ID for username/password. You can now also set a password strength policy (e.g., password length) that will apply when users choose their password.
Additionally, your app users can now receive sign-up and sign-in emails in either English or their preferred language, based on their device locale. Emails include a welcome message when your user signs up in your app, email validation, reset password, and forgot password.
User profile enhancements
App ID user profiles are used to store information about your users that you can use to customize app experiences, such as their role in your organization or their app preferences. Some useful information about your app users may already be present in the Identity Provider (IdP) you are using with App ID (e.g., your Enterprise user repository or the user’s Facebook/Google profile if you are using a social login). App ID now lets you enrich the user profiles you create for your apps with info already present in the IdPs you are using. And as before, you can add your own custom attributes, such as app preferences.
Strengthen the security of your app
App ID now lets you revoke refresh tokens in case you suspect a security incident and want to force users to have to log in again to your apps. Some background about how refresh tokens are used: When a user signs in through your app, App ID issues the user an access token that your app uses to access protected backend resources on behalf of the user. App ID also issues a refresh token with that access token, which is used to obtain a new access token from App ID when the access token expires. This is so the user doesn’t have to log in to the app again to continue to use it. Now you can revoke refresh tokens to force users to log in again when you need to.
As always, we’d love to hear your feedback and questions. Get help for technical questions at Stack Overflow with the ibm-appid tag. For non-technical questions, use IBM developerWorks with the appid tag. For defect or support needs, use the Support section in the IBM Cloud menu. To get started with App ID, check it out in the IBM Cloud Catalog.