November 27, 2017 By Carmel Schindelhaim
Beery Holstein
3 min read

New in App ID – Let Users Sign-up and Sign-in to your Apps with an Email and Password

We are excited to launch our newest IBM Cloud App ID feature, Cloud Directory, that makes it easy for you to add user sign-up and sign-in to your mobile and web apps. Cloud Directory provides you with a user registry for your apps that scales with your user base, and includes simple ways to authenticate users to your apps using email and password. Cloud Directory has pre-built functionality for enhanced security and self service, like email verification, and password reset.

More broadly, App ID is an authentication and profiles service for developers to help you easily add authentication to your apps, and secure access to your APIs and app back-ends running on IBM Cloud. With App ID SDKs and APIs, you can get a sign-in flow working in minutes, enable social log-in through Google and Facebook, and add email/password sign-in. Use the the App ID User Profiles feature to store information about your users, like their app preferences, and leverage that info to build custom app experiences.

With Cloud Directory, let users sign-up directly from your app. Then, users have the option to sign-in with the email address and password that they set, or sign-in through external identity providers like Facebook and Google. Use pre-built functionality for email verification, and password reset. Configure the workflow to suit your needs, like to allow users to use your app for a period of time before they verify their email address. Take advantage of Cloud Directory client side APIs to allow users to change their password whenever they need to, or to log-out of your app.

App ID’s Cloud Directory includes a prebuilt sign-up and sign-in UI widget that you can use in your app, and a UI to let users reset their passwords. You can customize the logo and color scheme. If you want use your own branding, replace the default Cloud Directory sign-in UI with your own.

Cloud Directory integrates easily with App ID’s User Profile service, just as App ID’s social log-in functionality does. You can store data about users who choose to log-in with an email and password, and use that data to personalize their app experience. Also, users can start using your app anonymously, and when they do decide to sign-up or log-in, their saved attributes will carry over from their anonymous profile.

All this functionality is designed to save a lot of time you might otherwise spend writing custom code to build authentication flows, and time getting into the weeds of different security protocols and standards. App ID is built with the latest security standards, like OAuth2, OIDC, and SCIM, and allows you to easily meet security and privacy requirements to handle user data and sensitive info like passwords. Also, by enabling self service flows through App ID, you reduce help-desk traffic, which is always a good thing!

We’d love to hear from you with feedback and questions. Get help for technical questions at Stack Overflow, with the ‘ibm-appid’ tag. For non technical questions, use IBM developerWorks, with the ‘appid’ tag. For defect or support needs, use the support section in the IBM Cloud menu.

Also, for those of you who used Mobile Client Access (MCA) previously, some of you may have used the custom authentication feature of MCA to use a User Repository that you built yourself to manage users for your apps. If so, you might want to go check out Cloud Directory.

To get started with App ID, check it out in the IBM Cloud Catalog

– The App ID team

More from Security

Tech industry ramps up efforts to combat rising deepfake threats

2 min read - Deepfake fraud is surging, signaling an alarming trend in corporate security. Scammers can now create convincing voice impersonations of executives, potentially manipulating stock prices and orchestrating multi-million dollar frauds. As companies rush to bolster defenses, experts say many remain unprepared for this rapidly evolving threat. "Bad actors have a low barrier to entry," warns Srinivas Tummalapenta, an IBM Distinguished Engineer & CTO of IBM Security Services. With just $5 and a minute-long voice sample, scammers can now impersonate CEOs, potentially…

Defending sensitive personal data with granular access controls

3 min read - Cybersecurity is a 24/7 focus of 2Bsecure, an IBM Business Partner that empowers mid-sized and large organizations across all sectors to protect their systems and data against a rising tide of attacks and exploits. As a result, 2Bsecure has helped Bituach Haklai, a leading insurer in Israel, harden its databases with granular access controls backed by intelligent monitoring. Addressing growing cybersecurity challenges Our client, Bituach Haklai, originally offered insurance services to the farming industry. For years, they had no real…

ISG Ranks IBM as Leader in Cybersecurity Across Multiple Domains

2 min read - As data breaches continue to soar in number and sophistication, enterprises are taking a proactive approach to fortify their cybersecurity defenses. According to a recent report by Information Services Group (ISG), a leading global technology research and advisory firm, data breaches rose significantly between 2022 and 2023, with healthcare and financial services firms being targeted most often. Additionally, in the recent IBM Cost of a Data Breach Report, the average cost of a data breach has increased to an all-time high…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters