OK, first what I want to achieve. Imagine a mobile application that has several settings, which I want to save to a database somewhere in the cloud, just in case the user does a factory reset or gets a new phone and then wants to import/restore the previously made settings.
It would be cool if loading/saving of application settings were easily achievable by the user. What's the state-of-the-art procedure for such a setup? Does it really require username & password to securely load/save settings data? This process should be as simple as possible while being secure.
Similar existing answers here are several years old and technology advances fast, so I don't know if the given answers still apply to today's state-of-the-art development. I don't expect a full-fledged answer, just a few major hints which I can look up on the web. Thank you!
(I haven't tried anything practical yet as I would first like to know the way to go and afterwards go for it.)
Since you're not specifying the CSP, I will give you examples for AWS and Azure:
In AWS, Cognito provides a user directory service to create and manage user identities. It supports authenticated and guest identities. You can use authenticated identities to maintain a user account system or guest identities for an anonymous user system.
If you use authenticated identities, Cognito can do username/password logins and OAuth with Google, Facebook, and Amazon. For an anonymous system, it can create a unique identifier for your users and associate data with that identifier.
You can use AWS DynamoDB for data storage. You would save the user's settings associated with their Cognito identifier.
Here's an example of the flow:
1. The app is started. It requests an identity from Cognito. If the user is logged in, it uses that identity. If not, it gets a guest identity.
2. The app reads/writes the user's settings from/to DynamoDB using their Cognito identifier.
3. If the user logs into an account, the app requests Cognito to merge the guest identity and associated data with the logged-in identity.
In the case of Azure, similar services would be Azure Active Directory B2C for user identity and Cosmos DB for data storage. The workflow would be very similar.
The right solution for you may be different depending on your requirements. The question I would ask is whether the anonymity of the users is sufficient/required. Do you need to supplement it with device backups on iOS/Android devices? Do you need to encrypt the stored data? Is using QR codes for synchronizing data a requirement?
Hope this helps.
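Added example, not part of the original answer: in the Cognito and DynamoDB flow described above, the control that keeps one identity (guest or logged-in) from reading or overwriting another identity's settings is the IAM policy attached to the identity pool's roles. The policy below limits every call to items whose partition key equals the caller's own Cognito identity ID. It assumes a table named `AppSettings` whose partition key stores that identity ID; `REGION` and `ACCOUNT_ID` are placeholders, and the table name and `Sid` are made up for illustration.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "OwnSettingsItemsOnly",
      "Effect": "Allow",
      "Action": [
        "dynamodb:GetItem",
        "dynamodb:PutItem",
        "dynamodb:UpdateItem",
        "dynamodb:DeleteItem",
        "dynamodb:Query"
      ],
      "Resource": "arn:aws:dynamodb:REGION:ACCOUNT_ID:table/AppSettings",
      "Condition": {
        "ForAllValues:StringEquals": {
          "dynamodb:LeadingKeys": [
            "${cognito-identity.amazonaws.com:sub}"
          ]
        }
      }
    }
  ]
}
```

`dynamodb:Scan` is left out on purpose, because a scan is not bound to a single partition key and would return other users' items.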