Integrate Go applications with IBM Cloud App ID by using OAuth 2
One problem that developers face when creating a new app is implementing their own sign-in and identity management mechanism. IBM Cloud App ID can help solve this problem! In this post, I will show you how to integrate Go applications with App ID by using OAuth 2. With this integration, you can use OIDC to retrieve user information when a user logs into your account.
What is App ID?
With IBM Cloud App ID, you can easily add authentication and authorization to your applications and APIs that run on IBM Cloud. With the service’s SDKs and APIs, developers can get a sign-in flow working in minutes, enable sign-in, and start building profiles on your app users. The user profile feature allows developers to aggregate and store information about their users that is provided by an identity provider or learned from their applications, such as preferences. In short, App ID enables your app to be used only by authorized users and ensures that those users have access only to what they should have access to. With App ID, your app experience can be professional, personalized, and, most importantly, secure.
App ID is OAuth 2 and OIDC compliant which allows any compliant authentication framework or SDK—such as Go—to easily integrate with App ID without any additional SDKs.
Sample app overview
The Go application we are going to create is defined as an OAuth 2 client application. This application requires a configuration JSON file that contains the required App ID configuration for this process to run. The main flow exposes a set of endpoints that are needed for the execution of the authorization grant code flowto obtain an access and identity token from App ID. As a result, both the user’s access token and profile are shown on the main
Adding App ID to your app
Have an instance of App ID
Make sure your Go workspace exists in
*You can download the complete sample app here.
Create a new project called
Create the App ID configuration file called
appid/config. The file should contain the following data:
ClientId: The identifier by which the OAuth 2 provider identifies your client.
ClientSecret: The associated secret.
AuthUrl: The URI to which the user is redirected to authorize access to the resource.
RedirectUrl: The callback URL where the flow is redirected after successfully logging in.
appid/static/(style and css files can be also added as needed), with the following content:
appid/with the following content:
Configuring App ID
App ID provides a default configuration social login with Google or Facebook. You can use the default configuration for the purposes of this blog, but the default is not intended to be used in production.
Log in to your IBM Cloud account and navigate to your App ID dashboard. When there, go to Identity Providers -> Manage -> Authentication Settings, and add your redirect URL. This URL should be the same one that is in your
appid_config.jsonfile. For example, if
http://localhost:3000/auth/callbackis your web redirect URL, after App ID finishes the OAuth 2 process, it redirects your app to the provided URL.
Be sure that your desired providers are On in Identity Providers -> Manage.
Navigate to the Service credentials tab and select the credentials entry. Click View credentials and copy the
secretvalues. This information has to be added to the
Executing the sample app
go run main.gofrom
localhost:3000/home. This should show the main login page.
You’ve got a sample app up and running that you can customize to fit your needs. Great job!
We’d love to hear from you with feedback and questions. Get help for technical questions at Stack Overflow with the
ibm-appid tag. For non-technical questions, use IBM developerWorks with the
appid tag. For defect or support needs, use the support section in the IBM Cloud menu. To get started with App ID, check it out in the IBM Cloud Catalog.