How-tos

Getting Started with Inversoft Passport on IBM Bluemix

Share this post:

Inversoft Passport brings a wealth of APIs to IBM Bluemix that allow you to authenticate and authorize users to your application. Supporting industry standard security specifications such as OAuth2 and JSON Web Tokens (JWT), Passport’s OAuth2 implementation comes with theme support to ensure your Web forms look and feel like your brand. User discipline and an event-based webhook system allows for creative integrations and complex service orchestration.

Inversoft Passport logoAs your application matures and your user base grows, you’ll need a modern interface to perform user management tasks. Localized email templating, powerful search, user analytics and a responsive web interface provide value and allow you to focus on what is important. Anything you can do from Passport’s web interface can also be accomplished via the REST API.

Adding the Passport Service to your Bluemix Dashboard

Let’s get started using Passport on Bluemix. Search for Passport in the Bluemix Catalog, and you’ll be presented with the service tile. Click on the service tile, and you’ll get the Catalog Service Details page, as shown below.Screen shot of Inversoft Passport in the Bluemix catalog

You’ll need a few pieces of information before you can bind this service to your Bluemix application.

If you don’t already have a Bluemix account, you can register for a free 30-day trial.

Try or Buy

If you already have a Passport license, you can skip this step.

Navigate to https://www.inversoft.com/try-passport and click Try it free.

Your first two weeks are free for any package you select, at the end of your trial period you will have the opportunity to purchase. Contact sales@inversoft.com with any other questions you may have on licensing.Screen shot of Passport sign-up

Once you’ve completed registration and you’ve been taken to your Inversoft Account page, you’ll be provided with the information needed to complete your Bluemix integration.

Setup Passport

Next, you’ll complete the initial setup wizard. Click on the Passport Backend URL on your Inversoft Account page. This will open up the user interface, and you’ll be presented with the Setup Wizard. Follow our Setup Wizard Tutorial to complete this step.

URLs and API Keys

To complete the Bluemix service integration, you’ll need the Passport Backend URL, Passport Frontend URL, API key and an Application Id. Complete the following tutorials to create an Application and one or more API keys.

The two URLs are defined on your Inversoft Account page; the API key was created during the above tutorial, and the Application Id is available after you have created an application. A Passport application represents a secured resource, in this case that is your Bluemix application.

Circle Back

Now that you have all of the details, you’ll need to complete the Bluemix service connection. Head back to your Bluemix console and enter the values. The following three values will be added to the Passport service as shown in the initial screenshot above:

  • API Key
  • Passport Backend URL
  • Passport Frontend URL

The other two pieces of information we’ll need will be added to each Bluemix application specifically as User Defined Runtime Environment Variables. The values in the screenshot are only an example, your values will be different.Screen shot of Bluemix Console Runtime Variables

You’re done! Now comes the code.

Example Code

Once the service has been connected to your Bluemix application, these credentials will be available to your application at runtime. The following is an example of the user provided service credentials.

{
 "user-provided": [
  {
   "credentials": {
    "api_key": "0e116a6e-ca00-47cd-804e-b04f9adea296",
    "passport_backend_url": "https://demo-passport.inversoft.io",
    "passport_frontend_url": "https://demo-login.inversoft.io"
  },
  "syslog_drain_url": "",
  "label": "user-provided",
  "name": "Passport-vz",
  "tags": []
  }
 ]
}

We’ll use this information at runtime to connect to Passport and begin making API calls.

// User defined Environment Variable : passport_application_id
let applicationId = process.env.passport_application_id;

// User defined Environment Variable : passport_service_name
const serviceName = process.env.passport_service_name;

const services = JSON.parse(process.env.VCAP_SERVICES);
let passport = null;
const user_provided = services["user-provided"];
for (let i=0; i < user_provided.length; i++) {
   if (user_provided[i].name === serviceName) {
      passport = user_provided[i];
   }
 }

let apiKey = passport.credentials.api_key;
let backendURL = passport.credentials.passport_backend_url;
let frontendURL = passport.credentials.passport_frontend_url;

Next, you’ll construct the Passport Client using the Node.js Passport Client library.

const PassportClient = require('passport-node-client');
let passportClient = new PassportClient(apiKey, backendURL);

Now, you can make all of the API calls you want. Start by retrieving the RSA Public Key so you can verify JSON Web Tokens signed by Passport.

passportClient.retrieveJwtPublicKeys(applicationId)
.then((response) => {
   // Store off this public key to use when verifying JWT signatures
   const publicKey = response.successResponse.publicKey;
});

Next, you’ll register a new user.

let request = {
    user: {
     email: 'user@example.com',
     password: 'super-secret',
     firstName: 'Joe',
     lastName: 'User'
   },
   registration: {
     applicationId: 'ea1a58bf-ae29-4c92-925a-591915aee646'
     roles: [
      'admin', 'user'
    ]
   },
   skipVerification: true
  };
passportClient.register(null, request);

And then, log that new user into the registered application.

let request = {
  loginId: 'user@example.com',
  password: 'super-secret',
  applicationId: 'ea1a58bf-ae29-4c92-925a-591915aee646'
};
passportClient.login(request);

Summary

Following the instructions in this blog article, you learned how to bind the Passport service to your Bluemix-built app. At the bottom of this article, you can post comments or questions. Please feel free to post/share your comments and questions!

And, now that you’ve added Passport to your Bluemix app, it’s important to review the seven core strengths:

  1. Reduced Time to Market
  2. Multiple Applications
  3. Security
  4. Service Orchestration
  5. Localization
  6. Freeform User Data and Segmentation
  7. Reporting

The next blog post will go into more detail on the seven core strengths mentioned above, so stay tuned!

Documentation and Support

Passport has got great API documentation and even better support! When you contact support, your email will be viewed by a member of the Passport team.

For some review and additional details, take a look at this Bluemix Integration Tutorial. The complete API documentation is also available.

If you get stuck, send a note to support@inversoft.com. The team will be happy to give you a hand!























































































































































































































































More What's New Stories

Securely Access MongoDB from a Spring Boot App Running on Bluemix Kubernetes Using Kubernetes Secrets

This example builds on my previous post where I showed how to access a Bluemix MongoDB service from a Spring data app running locally. In that simple example the MongoDB credentials were either hard coded in the application or specified manually on the command line.

Continue reading

Accessing a Bluemix MongoDB Service from a Java Spring Boot Application

In this blog post I'll show how to access a Compose for MongoDB database running on IBM Bluemix from a Spring boot application running locally. Spring is a popular open source framework and container for Java applications. MongoDB is a popular open source document oriented NoSQL database that uses JSON-like documents.

Continue reading

Spring, Liberty and Single Sign On

Have you ever wondered how you could protect your Spring app with the Bluemix SSO service? In this article, we’ll cover how you can convert a Spring application running on Liberty from using a manually configured Open ID Connect (OIDC) Server, to using the Bluemix Single Sign On service. A short while ago I wrote […]

Continue reading