Introduction

Application security can be incredibly complicated. For most developers, it's one of the hardest part of creating an app. How can you be sure that you are protecting your users information? By integrating IBM® Cloud App ID into your apps, you can secure resources and add authentication; even when you don't have a lot of security experience. By requiring users to sign in to your app, you can store user data such as app preferences or information from the public social profiles, and then use that data to customize each experience of your app. With this API you can start building profiles on your users.

Don't see the API endpoint that you're looking for? Check out the other APIs for Management and Authentication and authorization.

Authentication

This API is protected by App ID access tokens. An access token represents authorization and enables communication to protected resources. The tokens conform to JavaScript Object Signing and Encryption (JOSE) specifications and are formatted as JSON Web Tokens. There are several ways to obtain a token. For help, check out the official documentation.

Error handling

This API uses standard HTTP response codes to indicate whether a method completed successfully. Check out the following table for a general description of each error type.

HTTP error code Description Recovery
200 Success The request was successful.
400 Request error There is some type of error in the request. Be sure that it is formatted in proper JSON.
401 Invalid token The request does not contain a valid access token. Obtain a new access token.
404 Not found The requested resource couldn't be found.
408 Request timeout The connection to the server timed out. Wait a few minutes and try again.
500 Internal server error The service is currently unavailable. Please wait a few minutes and try again.

Methods

Returns all attributes

GET /api/v1/attributes
Request

No Request Parameters

This method does not accept any request parameters.

Response

Status Code

  • JSON object containing all the attributes, or an empty JSON object if no attributes have been set

  • Unauthorized response if the request does not contain a valid access token

No Sample Response

This method does not specify any sample responses.

Returns the value of an attribute

GET /api/v1/attributes/{attributeName}
Request

Path Parameters

  • The name of the attribute to get

Response

Status Code

  • JSON object containing the requested attribute an it's value, in case the attribute is found

  • Unauthorized response if the request does not contain a valid access token

  • Not found message if the attribute does not exist

No Sample Response

This method does not specify any sample responses.

setAttribute

PUT /api/v1/attributes/{attributeName}
Request

Path Parameters

  • The name of the attribute to set

The value to set given attribute to

Response

Status Code

  • JSON object containing the newly created or updated attribute

  • Created

  • Bad request error in case the request is not a proper JSON

  • Unauthorized response if the request does not contain a valid access token

No Sample Response

This method does not specify any sample responses.

deleteAttribute

DELETE /api/v1/attributes/{attributeName}
Request

Path Parameters

  • The name of the attribute to delete

Response

Status Code

  • OK

  • Empty response if the attribute was found and deleted successfully

  • Unauthorized response if the request does not contain a valid access token

  • If the attribute was not found

No Sample Response

This method does not specify any sample responses.