Announcing App ID integration to IBM Cloud Kubernetes Service

Share this post:

Today, we’re excited to announce App ID integration with IBM Cloud Kubernetes Service. You can use this integration to enforce policy-driven security in a consistent way using declarative configuration of the Ingress Controller to add App ID protection for web applications, APIs, and back-ends. Using this approach, you don’t have to instrument each of your applications separately – all the authorization and authentication flows will be handled automatically for you. No code change is required!


Here is how APP ID works with IBM Cloud Kubernetes Service at a high-level


  1. The request  is sent to Web app or API
  2. Ingress Controller either validates supplied tokens (API flow) or starts a 3-leg OIDC authentication process (Web app flow)
  3. User Authenticates with App ID
  4. App ID access and identity tokens are received and validated by Ingress Controller
  5. The request containing access and identity tokens is forwarded to Kubernetes pods


You can try it out here


What is IBM Cloud AppID?

IBM Cloud App ID is a cloud-native, managed service running in multiple regions and availability zones of IBM Cloud, providing data governance, access management, and other capabilities. It’s the strategic identity service for applications on IBM Cloud. Use it to add authentication to your mobile and web apps and protect your APIs and back-ends running on IBM Cloud. Enable email/password based sign-up and sign-in with Cloud Directory – App ID’s scalable user registry allow your employees to sign-in with their existing credentials via SAML federation or use social sign-in with Facebook and Google. Host user profile info that you can use to build engaging experiences. App ID’s graduated tier pricing is described here.


What is IBM Cloud Kubernetes Service?

A managed Kubernetes service providing an intuitive user experience with on-going cluster management. Built-in security and isolation to enable rapid delivery of apps, while leveraging IBM Cloud Services including Weather data, IoT, Analytics, or AI capabilities with Watson. Available in six IBM regions worldwide, including 19 data centers.  Learn more here.


Engage us in real-time via Slack.  You can register here and join the discussion in the #questions channel on our Slack.

Offering Manager - IBM Cloud Container Service and Istio

More Integration stories
May 1, 2019

Two Tutorials: Plan, Create, and Update Deployment Environments with Terraform

Multiple environments are pretty common in a project when building a solution. They support the different phases of the development cycle and the slight differences between the environments, like capacity, networking, credentials, and log verbosity. These two tutorials will show you how to manage the environments with Terraform.

Continue reading

April 30, 2019

Introducing IBM Analytics Engine v1.2 and Announcing the Deprecation of IBM Analytics Engine v1.0

We are excited to inform you about the new version of IBM Analytics Engine v1.2 that will be available starting May 15, 2019. Along with this release, Analytics Engine v1.0 will be retired.

Continue reading

April 29, 2019

Transforming Customer Experiences with AI Services (Part 1)

This is an experience from a recent customer engagement on transcribing customer conversations using IBM Watson AI services.

Continue reading