IBM Cloud App ID

If you are a developer building an application, IBM Cloud App ID makes it very easy to add user authentication. You can add authentication with few lines of code and forget about managing infrastructure to scale with your user base.

What’s new?

We are introducing new capabilities to give you the option to strengthen the security of each authentication: multi-factor authentication (MFA) and advanced password policies. Both of these capabilities strengthen authentications for App ID’s Cloud Directory. Cloud Directory is App ID’s scalable user registry that lets users sign up through your application and then sign in with the credentials that they set (email and password or username and password). In addition to Cloud Directory, App ID supports enterprise sign-in (by federating SAML-based identity providers or custom ones) and social sign-in (Facebook and Google).

These advanced security features have an additional pricing component. When you enable either one of these features (or both) from the App ID console, each authentication event is charged also as an advanced security event. See the pricing section in the catalog page for more details. Note that these features are not available in App ID’s Lite plan or in App ID instances created before March 14, 2018.

Multi-factor authentication and advanced password policies

Multi-factor authentication

Multi-factor authentication (MFA) for Cloud Directory authentications offers email-based MFA to start. If you turn MFA on, users will be challenged to provide a one-time code they receive via email, in addition to their password, any time they sign in. Note that if you are using enterprise sign-in with SAML 2.0 or social login, you can enable MFA in the identity provider you are using, which is separate from MFA for Cloud Directory authentications described here.

Advanced password policies

When you enable the advanced password policy feature, you can enforce more secure passwords for Cloud Directory. In the App ID console, configure a set of rules that user passwords must conform to, including things like the number of times a user can try to sign in without getting locked out and the number of times a password can’t be repeated.

This advanced policy is separate from the basic ability to set a required password strength in App ID.

We will follow up with more blogs detailing these new features. We encourage you to start exploring in the meantime.

Feedback and support

As always, we’d love to hear your feedback and questions. Get help for technical questions at Stack Overflowwith the ibm-appid tag. For non-technical questions, use IBM developerWorks with the appid tag. For defect or support needs, use the Support section in the IBM Cloud menu. To get started with App ID, check it out in the IBM Cloud Catalog.

More from Announcements

IBM Hybrid Cloud Mesh and Red Hat Service Interconnect: A new era of app-centric connectivity 

2 min read - To meet customer demands, applications are expected to be performing at their best at all times. Simultaneously, applications need to be flexible and cost effective, and therefore supported by an underlying infrastructure that is equally reliant, performant and secure as the applications themselves.   Easier said than done. According to EMA's 2024 Network Management Megatrends report only 42% of responding IT professionals would rate their network operations as successful.   In this era of hyper-distributed infrastructure where our users, apps, and data…

IBM named a Leader in Gartner Magic Quadrant for SIEM, for the 14th consecutive time

3 min read - Security operations is getting more complex and inefficient with too many tools, too much data and simply too much to do. According to a study done by IBM, SOC team members are only able to handle half of the alerts that they should be reviewing in a typical workday. This potentially leads to missing the important alerts that are critical to an organization's security. Thus, choosing the right SIEM solution can be transformative for security teams, helping them manage alerts…

IBM and MuleSoft expand global relationship to accelerate modernization on IBM Power 

2 min read - As companies undergo digital transformation, they rely on APIs as the backbone for providing new services and customer experiences. While APIs can simplify application development and deliver integrated solutions, IT shops must have a robust solution to effectively manage and govern them to ensure that response times and costs are kept low for all applications. Many customers use Salesforce’s MuleSoft, named a leader by Gartner® in full lifecycle API management for seven consecutive times, to manage and secure APIs across…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters