Account

Signing in

How authentication works in IBM Bob, including IBMid login, SSO with a company identity provider, and what to expect when your organization moves to single sign-on.

IBM Bob uses a single login entry point at bob.ibm.com/login for all clients: the IDE extension, Bob Shell, and Bob Web. All authentication flows, including IBMid and company single sign-on (SSO), go through this shared page.

How login works

When you sign in to Bob for the first time, or after your session expires, Bob opens your browser to the login page. Enter your IBMid email address and click Continue to be routed to the right identity provider automatically.

What happens:

  1. Bob opens bob.ibm.com/login in your browser.
  2. You enter your IBMid email address and click Continue.
  3. Bob detects your email domain and redirects you to the appropriate identity provider:
    • If your organization has configured SSO, you are redirected to your company's login page.
    • Otherwise, you are redirected to IBMid.
  4. You complete authentication with your credentials.
  5. Your browser redirects back to Bob and your session is established.

After authenticating in the browser, you are redirected back to the IBM Bob application automatically.

IBMid login

If your organization has not configured SSO, you sign in with your IBMid. If you do not have an IBMid, see Create an IBMid.

You can also sign in to IBMid using your Google account.

SSO login

SSO login requires an Enterprise plan. For information on configuring SSO for your organization, see Managing identity providers.

If your organization has configured a SAML identity provider in the Bob Admin page, your email domain is automatically associated with it. When you sign in, Bob detects your domain and redirects you to your company's login page instead of IBMid.

You do not need to configure anything. The redirect happens automatically based on your email domain.

Transitioning from IBMid to SSO

If you previously used IBMid to sign in and your organization later enables SSO:

  • The next time you sign in, you will be redirected to your company's login page instead of IBMid.
  • Your existing Bob account is linked to your email address, so your history, settings, and Bobcoin balance are preserved.
  • You do not need to create a new account or take any action. Sign in as usual and use your corporate credentials when prompted.
Note:

If you are unsure whether your organization has enabled SSO, contact your administrator or check with your IT team.

Session expiry and re-authentication

Bob sessions expire after a period of inactivity. When your session expires:

  1. Bob displays a sign-in prompt.
  2. Follow the same login flow to re-authenticate.
  3. Your previous work and settings are not affected.

Signing in across multiple Bob clients

Your login session is specific to each Bob client. Signing in to one client does not carry over to the others.

To sign in to Bob Shell, see Installing Bob Shell.

Troubleshooting

Already logged in to Bob Web?

If you have an active Bob Web session in your browser and then try to sign in to the IDE or Bob Shell, the login redirect can occasionally complete without returning to the client. If this happens, close the browser tab and try signing in from the Bob application again.

If you are having trouble signing in:

  • Check that your internet connection is active.
  • If your organization uses SSO, confirm with your administrator that your email domain is verified and the identity provider is active.
  • If you are behind a corporate firewall or proxy, you may need additional network configuration. See Configuring firewall rules and Configuring proxy settings.
  • Try restarting Bob and signing in again.
How is this topic?