Authentication

The following authentication mechanisms are supported. The authentication mechanisms available on your subscription depend on how it was set up.

Basic authentication

The user has an account on the cloud subscription and logs in to the subscription directly through the cloud portal using an email address and a password that meets the security requirements of IBM® Digital Business Automation on Cloud.

SAML authentication

Security Assertion Markup Language (SAML) is an XML standard for exchanging single sign-on information. Your cloud subscription must be explicitly set up for SAML authentication. The user has an account on the cloud subscription but logs in to the subscription through a third-party login service.

The following authentication mechanisms are supported:

Basic authentication

A client application authenticates with the cloud subscription by using a set of service credentials provided by the account administrator. All cloud subscriptions support basic authentication for services. For more information, see Managing service accounts and Using service credentials to authenticate client applications.

OAuth 2.0 based authentication

Open Authorization (OAuth) 2.0 authentication is an open standard for authorization. Client applications require a set of OAuth 2.0 client credentials and a set of DBA on Cloud service credentials to authenticate with the cloud subscription. Note that the resulting OAuth access tokens are not passed to applications running on the subscription. For more information, see Using OAuth 2.0 based authentication for client applications.

Note: OAuth 2.0 based authentication is not enabled by default on cloud subscriptions. If you'd like to use it, submit a request through the IBM Support Portal.