ibm-cloudcontinuous-deliveryibm-appid

How can I configure IBM Cloud App ID as part of an open toolchain?


I am using IBM Cloud App ID for user management / authentication and Continuous Delivery with a toolchain to deploy the app to IBM Cloud. There is an API to configure App ID, e.g., to set the password strength or to disable email verification for signup.

How can I use that API within the deploy script of the toolchain?


Solution

  • This can be done by using an IAM (Identity and Access Management) token for the IBM Cloud platform to login, then obtain the App ID credentials to make the API call for the configuration itself.

    #!/bin/bash
    echo Login IBM Cloud api=$CF_TARGET_URL org=$CF_ORG space=$CF_SPACE
    bx login -a "$CF_TARGET_URL" --apikey "$IAM_API_KEY" -o "$CF_ORG" -s "$CF_SPACE"
    
    
    # Set up App ID service
    #
    # Create service key from which to obtain managementUrl
    bx service key-create ${PREFIX}insurance-bot-appid for-pipeline
    # managementUrl includes tenantId
    APPID_MGMT_URL=`bx service key-show ${PREFIX}insurance-bot-appid for-pipeline | grep "\"managementUrl\"" | awk '{print $2}' | tr -d '","'`
    # We need the IAM token
    IAM_OAUTH_TOKEN=`bx iam oauth-tokens | sed -n 1p | awk 'NF>1{print $NF}'`
    # Now configure App ID for Cloud Directory
    FILENAME=".bluemix/appid-config.json"
    curl -v -X PUT --header 'Content-Type: application/json' --header 'Accept: application/json' \
               --header "Authorization: Bearer $IAM_OAUTH_TOKEN" \
               -d @$FILENAME  $APPID_MGMT_URL/config/idps/cloud_directory
    

    I found the code above in this deploy script which is part of a demo with multiple services and microservice architecture.