Your success in building out new business solutions through IoT will be dependent on you leveraging a secure and trusted IoT vendor. Additionally, you will be building and integrating applications and solutions around the Watson IoT Platform.
We previously hinted how the Watson IoT Platform will continue to take advantage of IBM Cloud’s Identity and Access Management (IAM). Cloud IAM provides common user identity and authorization across IBM Cloud services for administrators and developers that work directly with cloud services. In this blog post we are providing more details.
In order to design and develop a secure IoT solution you need to be able to allow users to authenticate API calls. Previously you may have been leveraging a single, secure, API token with multiple users. Whilst this is an approach, you had to manage the logic and auditing for each user in your own custom code.
You can now can use the Cloud IAM integration in the Watson IoT Platform to authenticate REST API calls directly with user identities. Programatically this is accomplished by having a user log into Cloud IAM and then retrieving an IAM OAuth token that can be used to authenticate that user to Watson IoT Platform REST APIs.
An additional benefit of authenticating APIs with user idenities is that you will have traceability and auditability because the Watson IoT Platform also logs the username of the API caller.
This capability is available now as beta functionality for all APIs except for the Messaging APIs used for publishing and subscribing to messages. For more information please read our official documentation. As always we welcome your feedback.