New capabilities can impact pricing for the App ID service
  • App ID
  • Sydney
    Frankfurt
    London
    Washington DC
    Dallas
  • Description
    We are introducing the following new capabilities for the App ID service to give you the option to strengthen the authentication security:
    • Multi-factor authentication (MFA)
    • Advanced password policies
    Both of these capabilities strengthen authentications for App ID’s Cloud Directory. Cloud Directory is App ID’s scalable user registry. It enables users to sign up through your application and then sign in with the credentials that they set (email and password or username and password). In addition to Cloud Directory, App ID supports enterprise sign-in (by federating SAML-based identity providers or custom ones) and social sign-in (Facebook and Google). These advanced security features have an additional pricing component.

    When you enable either one of these features (or both) from the App ID console, each authentication event is charged as an advanced security event. See the pricing section in the catalog page for more details.

    Note: These features are not available in App ID’s Lite plan or in App ID instances that were created before March 14, 2018.

    What do these new capabilities provide?
    • Multi-factor authentication (MFA) for Cloud Directory authentications offers email-based MFA to start. If you turn MFA on, users will be challenged to provide a one-time code, which they will receive through email. This code will be needed in addition to their password any time they sign in.

      Note: If you are using enterprise sign-in with SAML 2.0 or social login, you can enable MFA in the identity provider that you are using. It is separate from MFA for Cloud Directory authentications, which are described here.
    • When you enable the advanced password policy feature, you can enforce more secure passwords for Cloud Directory. In the App ID console, you can configure a set of rules that to which user passwords must conform. These rules can include the number of times a user can attempt to sign in without getting locked out and the number of times a password cannot be repeated. This advanced policy is separate from the basic ability to set a required password strength in the App ID service.
    This information originated in the MFA and Password Policies for Your Cloud-Native Apps with App ID and Updated Pricing article within the IBM Cloud platform blog.