Introduction
Application security can be really complicated. For most developers, it's one of the hardest parts of creating an app. How can you be sure that you are protecting the information your users share with you?
By integrating IBM® Cloud App ID into your apps, you can secure resources and add authentication, even when you don't have a lot of security experience. By requiring users to sign in, you can store user data such as app preferences or information from the public social profiles. Then, you can use that data to customize each user's experience of your app. With this API you can start building profiles on your users.
Don't see the API endpoint that you're looking for? Check out the other APIs for Management and Authentication and authorization.
Endpoint URLs
App ID supports region-specific endpoint URLs that you can use to interact with the service over public service endpoints. To make requests to the Profiles API, you supply the endpoint URL that corresponds with the location where your App ID service instance resides.
Endpoint URLs by location
- Dallas:
https://us-south.appid.cloud.ibm.com - Frankfurt:
https://eu-de.appid.cloud.ibm.com - London:
https://eu-gb.appid.cloud.ibm.com - Osaka:
https://jp-osa.appid.cloud.ibm.com - Sao Paulo:
https://br-sao.appid.cloud.ibm.com - Sydney:
https://au-syd.appid.cloud.ibm.com - Tokyo:
https://jp-tok.appid.cloud.ibm.com - Toronto:
https://ca-tor.appid.cloud.ibm.com - Washington:
https://us-east.appid.cloud.ibm.com
Base URL
https://{region}.appid.cloud.ibm.com
Authentication
The Profiles API is protected by App ID access tokens. An access token represents authorization and enables communication to protected resources. The tokens conform to JavaScript Object Signing and Encryption (JOSE) specifications and are formatted as JSON Web Tokens. There are several ways to obtain a token. For help, check out the documentation.
Auditing
You can monitor API activity within your account by using the IBM Cloud Activity Tracker service. Whenever an API method is called, an event is generated that you can then track and audit from within Activity Tracker. The specific event type is listed for each individual method.
For more information about how to track App ID activity, see Auditing events for App ID.
Error handling
The App ID APIs use standard HTTP status codes to indicate whether a method completed successfully. HTTP response codes in the 2xx range indicate success. A response in the 4xx range is some sort of failure, and a response in the 5xx range usually indicates an internal system error.
| Status code | Description |
|---|---|
| 200 OK | Everything worked as expected. |
| 201 OK | Everything worked as expected. No content is returned. |
| 400 Bad Request | The request was unsuccessful, often due to a missing required parameter. |
| 401 Unauthorized | The parameters were valid but the request failed due insufficient permissions. |
| 404 Not Found | The requested resource doesn't exist. |
| 409 Conflict | The requested resource conflicts with an already existing resource. |
| 410 Gone | The requested resource was deleted and no longer exists. |
| 429 Too Many Requests | Too many requests hit the API too quickly. |
| 500 Internal Server Error | Something went wrong on App ID's end. |
Related APIs
Don't see the API endpoint that you're looking for? Check out the other APIs for Management and Authentication and authorization.
Methods
Request
No Request Parameters
curl -X 'GET'\'https://{region}.appid.cloud.ibm.com/api/v1/attributes' -H 'accept: application/json' -H 'Authorization: Bearer {acess_token}'
Response
Status Code
A successful response returns a JSON object that contains all of the attributes. If no attributes have been set, an empty JSON object is returned.
Unauthorized. Obtain a valid accesss token and try the request again.
The request failed. Wait a few minutes and try again.
{ "role": "User", "favorite-food": "Pizza", "nick-name": "Joe" }
Request
Path Parameters
The name of the attribute that you want to set.
The value that you want to give the attribute. For example, if the attribute name is 'favorite-food' then the attribute value might be 'pizza'.
curl -X 'PUT'\'https://{region}.appid.cloud.ibm.com/api/v1/attributes/{attributeName}' -H 'accept: application/json' -H 'Authorization: Bearer {acess_token}' -H 'Content-Type: text/plain' -d '<value>'
Response
Status Code
A JSON object that contains the newly created or updated attribute.
The attribute is created.
The request is not formatted correctly. Validate your JSON configuration and try the request again.
Unauthorized. Obtain a valid accesss token and try the request again.
{ "role": "admin" }