Today, we’re excited to announce App ID integration with IBM Cloud Kubernetes Service.
Today, we’re excited to announce App ID integration with IBM Cloud Kubernetes Service. You can use this integration to enforce policy-driven security in a consistent way using declarative configuration of the Ingress Controller to add App ID protection for web applications, APIs, and back-ends. Using this approach, you don’t have to instrument each of your applications separately – all the authorization and authentication flows will be handled automatically for you. No code change is required!
Here is how App ID works with IBM Cloud Kubernetes Service at a high-level:
- The request is sent to web app or API.
- Ingress Controller either validates supplied tokens (API flow) or starts a 3-leg OIDC authentication process (Web app flow).
- User Authenticates with App ID.
- App ID access and identity tokens are received and validated by Ingress Controller.
- The request containing access and identity tokens is forwarded to Kubernetes pods.
You can try it out here.
What is IBM Cloud AppID?
IBM Cloud App ID is a cloud-native, managed service running in multiple regions and availability zones of IBM Cloud, providing data governance, access management, and other capabilities. It’s the strategic identity service for applications on IBM Cloud. Use it to add authentication to your mobile and web apps and protect your APIs and back-ends running on IBM Cloud. Enable email/password based sign-up and sign-in with Cloud Directory – App ID’s scalable user registry allow your employees to sign-in with their existing credentials via SAML federation or use social sign-in with Facebook and Google. Host user profile info that you can use to build engaging experiences. App ID’s graduated tier pricing is described here.