IBM Cloud Integration

1. Overview

This tutorial will help you get going with FusionAuth in IBM Cloud. FusionAuth is free for unlimited users, if you’re looking for pricing for support or hosting, please review the Pricing page. Find FusionAuth in the IBM Cloud catalog under the Security and Identity category.

 

2. What you will need

If you would like to bind the FusionAuth service to your IBM Cloud application you will need the following two pieces of information.

  1. API Key

  2. FusionAuth URL

You may optionally omit entering these values and provide them to your application using your preferred configuration method.

IBM Cloud service binding

3. Install FusionAuth

FusionAuth can install anywhere, when deploying to IBM Cloud you may wish to run it on a dedicated VM or within a container. If you will be installing FusionAuth on a VM, you may use the FastPath installation guide once you have a VM up and running in IBM Cloud. If you will be installing FusionAuth in a Docker container running in IBM Cloud, review the Docker installation guide.

4. Complete the Setup Wizard & Configuration

Once you have installed FusionAuth, you’ll need to complete the Setup Wizard to create your first user and get logged into the UI.

Complete the following tutorials to complete the initial setup to prepare for integrating FusionAuth.

In FusionAuth, each authenticated resource is represented by an Application. You’ll want to create a FusionAuth Application for each IBM Cloud application you’ll be connecting to the FusionAuth service.

5. Adding the Credentials to your FusionAuth Service

Now return to the FusionAuth service in IBM Cloud and enter the API Key and URL of the FusionAuth service and then 'Create' the service.

6. Example Code

The following are some code examples in Node.js and show usage of our Node.js FusionAuthClient to make API calls. We have other client libraries to assist you during integration, check out our other Client Libraries.

Obtain the credentials from the VCAP_SERVICES runtime Environment Variable to connect to the FusionAuth API.

// Application Id from the Application created during FusionAuth Setup Wizard & Configuration
let applicationId = '63c97b95-1ae9-43a3-a0f3-02ea4a04adae';

// User defined Environment Variable : passport_service_name
const serviceName = process.env.passport_service_name;

const services = JSON.parse(process.env.VCAP_SERVICES);
let passport = null;
const user_provided = services["user-provided"];
for (let i=0; i < user_provided.length; i++) {
    if (user_provided[i].name === serviceName) {
        passport = user_provided[i];
    }
}

let apiKey = passport.credentials.api_key;
let backendURL = passport.credentials.passport_backend_url;

6.1. Construct the FusionAuth Client

const FusionAuthClient = require('passport-node-client');
let FusionAuthClient = new FusionAuthClient(apiKey, backendURL);

6.2. Retrieve the JWT Public Key to verify JWT signatures

FusionAuthClient.retrieveJwtPublicKeys(applicationId)
.then((response) => {
    // Store off this public key to use when verifying JWT signatures
    const publicKey = response.successResponse.publicKey;
});

6.3. Register a New User

let request = {
    user: {
      email: 'user@example.com',
      password: 'super-secret',
      firstName: 'Joe',
      lastName: 'User'
    },
    registration: {
      applicationId: 'ea1a58bf-ae29-4c92-925a-591915aee646'
      roles: [
        'admin', 'user'
      ]
    },
    skipVerification: true
};

FusionAuthClient.register(null, request);

6.4. Authenticate a User to the newly registered Application

let request = {
  loginId: 'user@example.com',
  password: 'super-secret',
  applicationId: 'ea1a58bf-ae29-4c92-925a-591915aee646'
};

FusionAuthClient.login(request);