Taking enterprise mobile development beyond the essentials

How the Built.io Backend brings flexible user authentication, granular access control, and other enterprise features to mobile applications

As an enterprise service provider, Built.io (formerly known as raw engineering) learned what organizations need from an MBaaS (mobile back-end as a service) long before making its Built.io Backend available to the public. After years of re-creating a supporting back-end every time we built a product for a new client, we developed Built.io Backend to accelerate our development cycles and reduce the risk normally associated with building innovative solutions that rely on cutting edge technology.

All of these features come standard with a Built.io account at no extra charge. Finally, given the security concerns of many enterprise organizations, Built.io also provides the option to deploy the solution inside of a private cloud environment to ensure that no data is stored on shared or public servers.

Mobile client support

Once you've chosen your platform, initialization inside your codebase is easy. It's often just one line of code, as in the Swift example below:

Built.initializeWithApiKey("your_api_key_here", andUid: "your_app_uid_here")

Objects in the data store are equally as easy to create in Swift:

var obj:BuiltObject=BuiltObject(classUID:"student")
obj.setObject(1, forKey:"student_roll_no")
obj.setObject("Jack Nicholson", forKey:"student_name")
   //save done success
}, onError:{(error:NSError!)in
   //error print(error)

User authentication is also a simple matter of a few lines of code:

var userObj:BuiltUser=BuiltUser()
userObj.loginWithEmail("john@malkovich.com", andPassword: "password", onSuccess: {
}, onError:{(error:NSError!)in

Customized user authentication

Mobile app deployments in enterprise environments typically must support multiple authentication mechanisms. Naturally, this can be a challenge, as these environments are generally characterized by multiple, disparate systems that have operated in fragmented silos for years. Built.io Backend's AnyAuth is our answer to the difficulties inherent in facilitating non-trivial identity-based access management in these complex environments.

AnyAuth allows customers to implement any preferred login mechanism. While Built.io Backend already provides federated login for traditional social networking services like Google, Facebook, and Twitter, and for enterprise social networks like tibbr, enterprise IT and business requirements often dictate further customization of user authentication. Take the example of building a small company intranet site that has to connect to two different internally managed systems with different authentication schemas: a human resources system using LDAP and a conference room scheduling system using Google Apps. Using AnyAuth, an organization can write a custom authentication method that verifies the user's information in the Built.io Backend while also authenticating the user against each of the disparate systems. Once authentication is successful, AnyAuth generates the appropriate auth tokens and the user is logged in to all necessary systems.

AnyAuth is utilized by the Extensions feature of the Built.io platform. The following is an example of a Built.io Backend Extension using AnyAuth that logs in a user automatically if the username exists (no passwords).

var masterKey = 'blt48f2deca473xxxxx';
Built.setMasterKey(masterKey); // necessary for our API to work
Built.Extension.define('login',function(request, response){
var username = request.params.username;
   // our query for an existing user with the username
var query = new Built.Query('built_io_application_user');
query.where('username', username);
   // we *don't* want to create a new user if he doesn't exist
   // update the user with the following parameters
      username: username
      return response.success(res)
   }, function(res){
      return response.error('error', res)

Invoking the Extension written above inside of an iOS application using Objective-C is simple:

[BuiltExtension executeWithName:@"login" data:@{@"username":@"james"}
   onSuccess:^(id response){           
      // response will contain the response of the extension method           
      // here, the response is the user profile, with the authtoken                     
   } onError:^(NSError*error) {                       
      // error block in case of any error    

Permissions and access control lists

Permissions and ACLs (access control lists) exist for a reason, but there are times when security hinders you from providing a seamless user experience. While Built.io Backend allows enterprise organizations to deploy role-based ACLs, there are occassions where ACLs are decidedly inconvenient. In such cases, Built.io Backend allows developers to utilize a secret Master Key to overide all ACLs set within an application. Imagine the use case where a small IT department doesn't want to significantly alter code to allow for a super-user override of certain functions while a normal user is logged in. Writing a Built.io Backend Extension that uses the Master Key to temporarily assign super-user privileges to the logged-in user is a simple solution in this scenario.

As the Master Key is extremely powerful, it should only be used in server-side code, either via Extensions or via your own custom code. As such, JavaScript and REST are the two ways of utilizing the Master Key. Below is an example of creating an object using the Master Key in JavaScript:

var masterKey ='blt48f2deca473xxxxx';
var project =Built.Object.extend('project');
var super_project = new project();
name: 'Super Project #41!',
description: 'This is a very cool project'
onSuccess:function(data, res){
   // object creation is successful
onError:function(err) {
   // some error has occurred
   // refer to the "error" object for more details

Simplifying security through multitenancy

There are times when different applications need to share the same data, and there are times when enterprise organizations need to create silos around their data. For example, in the case of a large organization with applications developed for multiple divisions of the company, it might be useful to have a user who's a super-user in one application but only a regular user in another. Utilizing tenants makes this easy to achieve as the users and the data are not shared between different tenants. A user can have two accounts with two different roles in the ACLs for each application. In addition, Built.io makes it easy to switch between tenants. All it takes is one method call and every subsequent request to Built.io will relate to the new tenant. Below is an example of how to switch tenants in Objective-C after creating a new user in one app.

[Built setTenant:@"app2"];
   // calls hereafter will have the header tenant_uid: xyz sent along with it
   // let's create a new user in app2

BuiltUser*user =[BuiltUser user];

user.email =@"john@malkovich.com";
user.password = @"password";
user.confirmPassword = @"password";

[user signUpOnSuccess:^{
   // user has signed up successfully
} onError:^(NSError*error) {   
   // there was an error in signing up the user
   // error.userinfo contains more details regarding the same

   // now let's switch back to the first app
[Built setTenant:@"app1"];

Overall, Built.io Backend was built with flexibility, ease of use, and scalability in mind. Everything from our multitenancy capabilities to our content management system was created to enable us -- and ultimately our enterprise customers -- to build powerful mobile applications more quickly, and to maintain them more easily. Whereas many MBaaS offerings rely on third-party services for analytics, our built-in analytics and notifications address the needs of business users without adding complexity to the architecture, implementation, and support of the final mobile app.

Experts in the enterprise space even before creating our award-winning MBaaS, Built.io has nearly a decade of mobile app development experience under its belt. Today, our platform benefits from a tight feedback loop through our professional services team that implements Built.io Backend and builds sophisticated mobile solutions for leading companies across industries. Every feature in the platform was borne out of a real world need, designed from the ground up for enterprises, and continuously refined by 150 developers who use the product every day alongside our customers.

Kurt Collins (@timesnyc) is Director of Evangelism at Built.io. Kurt began his engineering career at Silicon Graphics (SGI) where he worked on debugging its UNIX-flavored operating system. Two years ago, Kurt co-founded The Hidden Genius Project along with eight other individuals in response to the urgent need to increase the number of black men in the technology industry. Mentoring young people interested in the technology industry is a personal passion of his. Today, he continues this work with tech startups and non-profits alike.

New Tech Forum provides a venue to explore and discuss emerging enterprise technology in unprecedented depth and breadth. The selection is subjective, based on our pick of the technologies we believe to be important and of greatest interest to InfoWorld readers. InfoWorld does not accept marketing collateral for publication and reserves the right to edit all contributed content. Send all inquiries to newtechforum@infoworld.com.

Copyright © 2015 IDG Communications, Inc.