Mobile User Authentication with On-Premise LDAP Server / Social Login using IBM Mobile Foundation

Page 2:

‘My Ward’ – what is the app about

Page 3:

Services used

Page 4:

IBM Mobile Foundation V8

Business Teams, Development, IT Operations, Teams, Mobile Projects

Offline Sync with on-device data
Rich Push notification
Manage Feature Release using Live Update
AI Model Distribution
Adapters for Cognitive services
Mobile Analytics with Crash and Alert
App Lifecycle Management
Backend logic and enterprise integration
Adapter auto generation for any Backend REST and Cloud Functions APIs
Mobile optimized REST APIs
Comprehensive Security
Mobile Foundation Dev and Admin CLIs
Starter Projects, Ready Apps, Samples
Flexible Hosting Choice
Digital App Builder
SDKs

Page 5:

IBM Mobile Foundation Architecture

[Figure: architecture diagram. The labels recoverable from it are listed below.]

MF Client SDKs: App lifecycle, crash analytics, security, push, app authenticity events

Omni-channel API End points (/api)

Secured Mobile App Backend
§ App Authenticity
§ App Checksum
§ Device whitelist/blacklist
§ Certificate pinning checks
§ Version enforce
§ Authorization Server

REST APIs
§ REST annotated Java
§ Javascript
§ Define scopes and policies
§ Auto-Gen framework

Adapters
• HTTP
• Cloudant
• Cognitive services
• Cognitive NLU & Conversation
• Open Whisk

Rules

Platform Services: Push, Analytics, Offline Sync, Console, Direct & LiveUpdate

On-prem Servers

App Distribution

Tooling
• Rich CLI
• RMAD*
• Standalone server
• Samples, SDKs

PLAN, DEV, BUILD, TEST, DEPLOY, PROD (CI/CD DevOps)

Mobile Foundation V8 on Cloud

Backend, API Gateway (Microservice layer)

Web Server to host Web artifacts

Page 6:

Base pattern – Hybrid mobile app with cloud native backend

Code - https://github.com/IBM/Ionic-MFP-App/

Page 7:

Mobile User Authentication pattern – built on base pattern

Page 8:

Components setup

1. Create Cloudant database and populate it with sample data

2. Create IBM Cloud Object Storage service and populate it with sample data

3. Set up LDAP server and Secure Gateway Client

4. Register Android App with Google and Facebook for Social Login

Page 9:

Architecture flow diagram

Page 10:

[Figure: social login flow diagram. Components shown: User, Maps, Ionic application, SDK, Sign-in service, Mobile Foundation SDK, Mobile Foundation, Social Login security check, Resource Adapter, Object Storage, Cloudant, Provider Cloud.]

Steps 1 to 3:

facebooklogin()

    this.fb.login(['public_profile', 'user_friends', 'email']).then(res => {
      if (res.status === "connected") {
        // …
        var accessToken = res.authResponse.accessToken;
        // …
      }
    });

Page 11:

Step 4:

    WLAuthorizationManager.login(this.securityCheckNameSocial, credentials)

Page 12:

Step 5: Validate the access token

    HTTPS GET https://graph.facebook.com/

Page 13:

Step 6: Receive the authenticated user information from the security check

Page 14:

Step 7:

    @GET
    @OAuthSecurity(scope = "socialLogin")
    @Path("/socialLogin")
    @Produces("application/json")
    public Response getAllEntries_sl() throws Exception {
        // …
    }

Page 15:

Step 8:

    @GET
    @OAuthSecurity(scope = "socialLogin")
    @Path("/socialLogin/objectStorage")
    @Produces("application/json")
    public Response getObjectStorageAccess_sl() throws Exception {
        // …
    }

Page 16:

Steps 9 and 10: The mobile app initializes the image-caching plugin and uses the authorization token to fetch the images from Object Storage. The mobile app displays the data obtained from the MFP adapter as a list of items. The image-caching plugin running on the mobile app downloads and caches images from Cloud Object Storage.

Page 17:

[Figure: the complete social login flow diagram, with steps 2 through 10 marked on the same components.]
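
Added example, not part of the original slides or of IBM's sample code: one way the security check in step 5 could decide whether to accept the access token before it returns user information in step 6. It assumes the check inspects the token through a Graph API debug_token-style call (the slide shows only the host); evaluateTokenInspection, EXPECTED_APP_ID and the sample responses are hypothetical names and constructed data.

```javascript
'use strict';

// Added example: server-side decision for step 5, given the JSON returned by a
// token-inspection call. Assumption: the response has the shape of the Graph
// API debug_token endpoint ({ data: { is_valid, app_id, user_id, expires_at } }).
// EXPECTED_APP_ID stands for the app registered in "Components setup".
const EXPECTED_APP_ID = '000000000000000'; // constructed placeholder

function evaluateTokenInspection(body, expectedAppId, nowSeconds) {
  const reject = (reason) => ({ ok: false, reason, userId: null });

  if (!body || typeof body !== 'object') return reject('malformed response');
  if (body.error) return reject('provider error');
  const d = body.data;
  if (!d || typeof d !== 'object') return reject('malformed response');

  // The provider itself must consider the token valid.
  if (d.is_valid !== true) return reject('token not valid');

  // The token must have been issued to this app. Without this check, a token
  // the user granted to some other app would be accepted here as well.
  if (String(d.app_id) !== String(expectedAppId)) return reject('wrong app');

  // Policy in this example: require an expiry that lies in the future.
  if (typeof d.expires_at !== 'number' || d.expires_at <= nowSeconds) {
    return reject('expired');
  }

  // The identity comes from the provider's answer, never from the client.
  if (typeof d.user_id !== 'string' || d.user_id === '') {
    return reject('no user id');
  }
  return { ok: true, reason: null, userId: d.user_id };
}

// Constructed sample responses (not captured from a real service).
const NOW = 1700000000;
const samples = {
  good: { data: { is_valid: true, app_id: EXPECTED_APP_ID, user_id: '1001', expires_at: NOW + 3600 } },
  otherApp: { data: { is_valid: true, app_id: '999999999999999', user_id: '1001', expires_at: NOW + 3600 } },
  expired: { data: { is_valid: true, app_id: EXPECTED_APP_ID, user_id: '1001', expires_at: NOW - 1 } },
  revoked: { data: { is_valid: false, app_id: EXPECTED_APP_ID, user_id: '1001' } },
  apiError: { error: { message: 'constructed error' } },
};

for (const [name, body] of Object.entries(samples)) {
  console.log(name, evaluateTokenInspection(body, EXPECTED_APP_ID, NOW));
}
```

Only the `good` sample is accepted; the user identity handed to the adapter scope check comes from the inspected response, not from anything the mobile client sent alongside the token.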

Page 18:

[Figure: LDAP login flow diagram, steps 1 through 8. Components shown: User, Maps, Ionic application, Mobile Foundation SDK, Mobile Foundation, LDAP security check, Resource Adapter, Object Storage, Cloudant, Provider Cloud, Secure Gateway, and, in the Customer Data center, the Secure Gateway Client and the Enterprise LDAP Server.]

login()

    WLAuthorizationManager.login(this.securityCheckName, {'username':username, 'password':password})

    <property name="ldapURL" defaultValue="ldap://caplons.integration.ibmcloud.com:11111" displayName="The LDAP Server URL"/>

Page 21:

Resources – Code Patterns

1. Develop a hybrid mobile app with a cloud-native back end
   https://developer.ibm.com/patterns/develop-hybrid-mobile-app-with-cloud-native-back-end/
   https://github.com/IBM/Ionic-MFP-App/

2. Secure mobile offline synchronization
   https://developer.ibm.com/patterns/secure-offline-synchronization-ibm-mobile-foundation/
   https://github.com/IBM/MFP-JSONStore-OfflineSync

3. Mobile User Authentication with On-premise LDAP Server/Social Login using Mobile Foundation
   https://developer.ibm.com/patterns/implementing-mobile-user-authentication
   https://github.com/IBM/MFP-Auth-LDAP/

4. Tag-based push notifications using IBM Mobile Foundation
   https://github.com/IBM/tag-based-push-notifications