Using a new API announced by Amazon Web Services, developers can use Amazon.com, Facebook, or Google's sign-in systems for their cloud-based apps.
Amazon calls the concept Web identity federation, and the new AWS Security Token Service (STS) API (application programming interface) simplifies the development process by letting users integrate Web-based sign-in platforms with their apps without having to write any server-side code, according to Amazon.
[ Learn how to greatly reduce the threat of malicious attacks with InfoWorld's Insider Threat Deep Dive PDF special report. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
In addition to Google and Facebook, Amazon Web Services has also integrated the recently announced Login with Amazon, a free service that lets third party apps and websites use the online retail giant's system for authenticating users.
The API -- which is called AssumeRoleWithWebIdentity -- requests temporary security credentials for users that have been authenticated using one of the three public identity providers. An app can then use the temporary credentials to access AWS resources such as Simple Storage Service (S3) objects, DynamoDB tables, or Simple Queue Service queues.
A smartphone app can store player and score information in an Amazon S3 bucket or an Amazon DynamoDB table, according to Amazon. Because the app needs to be able to distinguish individual users, users cannot be anonymous, it said.
To help developers get started, Amazon has published an article entitled "Creating temporary security credentials for mobile apps using identity providers" on the AWS documentation website, which includes code examples.
Send news tips and comments to firstname.lastname@example.org.