Enhanced Identity Filters

User Guide: Integration > Advanced Configurations > Enhanced Identity Filters - Integration Services

Enhanced Identity Filters

Identity filters are an enhanced data filtering mechanism that you can use to filter data for a mobile app based on dynamic fields returned from an identity provider.

A backend response returned from an identity service has two kinds of attributes profile attributes and security attributes:

• Profile attributes refers to the attributes such as First Name, Email, Phone Number, which identify a user.

• Security attributes are associated with a session such as tokens required to make API calls to a backend, for example, access_token.

Identity filters are supported for the following service types:

• Enhanced Identity Filters - Integration services
• Enhanced Identity Filters in Objects > Storage Services  and  Service-Driven Objects

Enhanced Identity Filters - Integration Services

For identity filters to work, you must protect an integration service with an identity provider. For example, if an identity provider responds with a profile that has userid as one of its attributes after a successful login, use profile.userid as a value to pass it as request parameter to the backend. The response is filtered based on the value mentioned in userid.

When an integration service is protected with the identity provider, the operations of the integration service are enabled with an identity filter.

To configure identity filters to an integration service, follow these steps:

1. Create an integration service.

2. Create an operation for the integration service. For example, IntIdt

3. In the operation's Request Input > Body tab, do the following:

   1. In the NAME field, enter the name for the request input parameter - for example, identityuserid.

   2. Click the drop-down menu in the Value column, and select identity.

      An identity value indicates that Volt MX Foundry will retrieve the value specified from the user's security profile in the identity service that is linked to the object service.

   3. From the drop-down list next to the identity value, do the following:

      1. Select the type of the identity provider from the drop-down list. For example, GoogleOAuth or FacebookOAuth.

         

      2. Select the type of the attribute from the drop-down list. For example, profile or security,

      3. Next to the attribute, enter the attribute key as obtained from a backend, for example, profile.user.id.

         • Add the following details.

           NAME	VALUE		zzEmptyCellzz
           identityuserid	identity	profile.user_id
           sessionparam	identity	security.access_token
           identityname	identity	profile.name

           

   4. Click SAVE to save the operation.

   5. In the operation's Request Input > Header tab, do the following:
   6. In the NAME field, enter the name for the request input parameter -for example, identityuseridheader.
   7. Click the drop-down menu in the Value column, and select identity.

   8. From the drop-down list next to the identity value, select profile/security, and then enter profile.user.id.
      Add the following details.

      NAME	VALUE		zzEmptyCellzz
      identityuseridheader	identity	profile.user_id
      sessiontokenheader	identity	security.access_token
      profilenameheader	identity	profile.name

   9. Click SAVE to save the operation.

Note: In case you want to use identity filters with a custom code, you can define JavaScript preprocessor and postprocessor.