Announcements
Security
May 21, 2020 By Michelle Kaufman
Martin Smolny
2 min read

How can users log in to IBM Cloud?

Today, authentication in IBM Cloud only works with an IBMid. If you create an IBM Cloud account, then you either already have an IBMid or you created one to open the account. Also, if you invite users to your IBM Cloud account, accepting the invitation creates an IBMid user (if they aren’t one already).

How does federation work with IBMid in IBM Cloud?

To relieve your enterprise employees from having to create and manage an IBMid user just for logging into IBM Cloud, there is an option available to onboard employees to IBMid. This way, your enterprise employees can log into IBMid with their usual intranet credentials. For more information about setting up enterprise federation with IBMid, check out the federation guide.

This IBMid federation option provides many benefits and is widely used by many of our enterprise customers.  Nevertheless, federation onboarding to IBMid is a manual process between you and the IBMid team. And, there are certain requirements—such as a worldwide unique email address—that can’t be met by all customers.

While the existing solution of IBMid federation is helpful for many and a popular option, IBM Cloud Identity and Access Management (IAM) is now offering another option.

Using an external identity provider to federate users in IBM Cloud

IBM Cloud IAM can now leverage the IBM Cloud App ID service to connect to external identity providers and allow those users to log into an IBM Cloud account. This way, any external identity provider that is supported by App ID can be leveraged. 

Some of the benefits of integrating your App ID instance with IBM Cloud IAM include self-service federation instead of completing a manual onboarding with IBMid and no restrictions on email addresses or usernames like there is with IBMid federation, which requires a worldwide unique email address.

Review the following high-level steps for integrating an external identity provider into your IBM Cloud account:

  1. If you don’t have one already, create an IBM Cloud account. This step does require you to create or use an existing IBMid.
  2. Create an instance of the App ID service from the IBM Cloud Catalog and configure it so it connects correctly to your external identity provider. Remember, any user that can authenticate through your App ID instance can access your IBM Cloud account, so only allow users who you want to be able to access your account.
  3. In the IBM Cloud console, go to Manage > Access (IAM), and then click Identity providers. Here, you can create an IAM Identity provider that points to the App ID instance from Step 2.
  4. Copy the login URL from this page and provide it to your employees when logging into IBM Cloud. If you have an employee portal or website, you can create a link using this login URL so that everybody can easily log into IBM Cloud.

Tip: To further automate the handling of IBM Cloud account users, you can create access groups with dynamic rules. Whenever a user logs in to IBM Cloud, those rules are evaluated and the user is potentially added to an access group that gives access to specific resources in IBM Cloud.

Check out the documentation to learn more about this exciting new feature in IBM Cloud.

Michelle Kaufman
Content Lead and Strategist, IBM Cloud Platform
Martin Smolny
IBM Cloud Identity and Access Management

More from Announcements
April 19, 2024

IBM Consulting augments expertise with AWS Competencies: A win-win for clients 

3 min read - In today's dynamic economic landscape, businesses demand continuous innovation and speed of execution. At IBM Consulting®, our unwavering focus on partnerships and shared commitment to delivering enterprise-level solutions to mutual clients have been core to our success.   We are thrilled to announce that IBM® has recently gained five competencies from Amazon Web Services (AWS) in vital domains including Cloud Operations, Internet of Things (IoT), Life Sciences, Mainframe Modernization, and Telecommunications. With these credentials, IBM further establishes its position as a…

April 18, 2024

Probable Root Cause: Accelerating incident remediation with causal AI 

5 min read - It has been proven time and time again that a business application’s outages are very costly. The estimated cost of an average downtime can run USD 50,000 to 500,000 per hour, and more as businesses are actively moving to digitization. The complexity of applications is growing as well, so Site Reliability Engineers (SREs) require hours—and sometimes days—to identify and resolve problems.   To alleviate this problem, we have introduced the new feature Probable Root Cause as part of Intelligent Incident…

April 11, 2024

Reflecting on IBM’s legacy of environmental innovation and leadership

4 min read - Upholding a legacy of more than 50 years of environmental responsibility through our company’s actions and commitments, IBM continues to be a leader in driving sustainability for our business, our communities and our clients—including a 34-year history of annual, public environmental reporting, which we continue today. As a hybrid cloud and artificial intelligence (AI) company, we believe that leveraging technology is key to unlocking impact, and it will play a substantial role in how society addresses, adapts to, and overcomes…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters