IBM Cloud Docs
Social

Social

With IBM Cloud® App ID, you can configure social identity providers to set up a single sign-on experience for your app. By allowing a user to sign in with their social profiles, they no longer have to remember several different passwords for different applications.

Default configuration

App ID provides a default configuration to help you get up and running quickly with the service.

Data is used when you engage in the Permitted Uses of the Service. By using the Service, you agree to adopting the policy for the collection and use of information in accordance with the outlined privacy policy.

When you configure App ID, Facebook, Google, and Cloud Directory are automatically enabled as identity providers. You can change the configuration at anytime. There are default credentials in place for Facebook and Google, but they are IBM credentials and should be used for testing whether to use the service only. Before you publish your app, update the configuration to your own credentials.

You are limited to 20 authentications with the default credentials per instance, per day. If you exceed this limit, error_description=MaxNumberOfDefaultKeysUsageExceeded appears at the end of the authentication process.

Configuring Facebook

You can configure the App ID service to use Facebook as an identity provider.

Getting an app ID and secret from Facebook

To use Facebook as an identity provider, you must add and configure the website platform on your Facebook application.

  1. Log in to your account on the Meta for Developers site.
  2. Make note of the Facebook application ID and secret in the Basic section of the Settings menu. These values are needed to configure your web project for authentication in your service dashboard.
  3. From the products list, select Facebook Login.
  4. Select the platform and enter the site URL.
  5. On the Facebook Login settings page, enter the authorization server callback endpoint URL in the Valid OAuth redirect URIs field.
  6. Click Save Changes.

Configuring App ID for Facebook authentication

When you have your Facebook app ID and secret, and your Meta for Developers app is configured to serve web clients, you can edit the Facebook authentication in your service dashboard.

  1. From the Manage tab of your service dashboard, select Facebook and click Edit.
  2. Enter the Facebook application ID and secret that you obtained from the Meta for Developers website.
  3. Copy the URI that is in the Redirect URI for Meta for Developers field. Paste the URI into the Valid OAuth redirect URIs field in the Facebook Login Settings section of the Meta for Developers site.
  4. Click Save.
  5. Optional: For web apps, enter the redirect URL in the Web Application Redirect URLs field. This value is determined by the developer and used to access the redirect URL after the authorization process is completed. The URL must follow an http or https scheme. For a higher level of security, use an https scheme.

Configuring Google

You can configure the App ID service to use Google as an identity provider.

Getting a client ID and secret

Google documentation link

Create a project in the Google Cloud Platform, configure the project to serve web clients, and obtain a client ID and secret.

  1. Create a project.
  2. Open credentials page of the Google APIs console.
  3. If your project doesn't have a Web application-type client ID, click Create credentials > OAuth client ID.
  4. Configure your level of consent.
  5. In the Authorized JavaScript Origins field, input your site's domain.
  6. Click Create.
  7. Copy Your Client ID and Your Client Secret

Configuring App ID for Google authentication

After you configure your Google project and have your client ID and secret, you can edit your service dashboard for Google authentication.

  1. From the Manage page of your service dashboard, select Google and click Edit.
  2. Enter the client ID and secret that you obtained from the Google Cloud Platform.
  3. Authorize the App ID URL.
    1. Copy the Redirect URL for Google Cloud Platform from the Google identity provider details.
    2. On the credentials page of your Google project, select the client ID that you created for this integration.
    3. Paste the URL from App ID into the Authorized redirect URIs field and click Save.
  4. Click Save to update your Google configuration in App ID.
  5. For web apps, enter a redirect URL in the Manage tab. After the authorization process completes, a user is sent to this URL. The URL must follow an http or https scheme. For a higher level of security, use an https scheme.