The Research Software Portal's Use Case Registry has over 100 user facing use cases that document specific ways users need to use research cyberinfrastructure. From those user facing use cases we have distilled 12 canonical use cases that document the core (common) system functions needed by user facing use cases.
Research infrastructures can delivered production components that support these core (common) system functions in the canonical use cases and many of the over 100 user facing use cases, thus enabling users to perform some (but not all) of the functions in those use cases.
This page documents operational components that have APIs and provides pointers to API documentation and client coding examples that software and service developers, such as Science Gateways developers, can reference.
The following 13 APIs are grouped by category. Click on the links in the tables below for more information about each API.
Provides global file system for researcher data sharing and job submission.
Globus' transfer service is software-as-a-service for file transfer and sharing. Designed specifically for researchers, Globus provides fast, reliable, and secure file transfer among HPC resources, campus cluster, lab servers, or personal computers. Globus is core campus bridging technology that enables researchers to scale their computational research from the desktop, across campus, and to national cyberinfrastructure. Beyond file transfer, Globus allows researchers to securely share data with collaborators directly from existing systems, without investing in additional campus or cloud storage just for the purposes of sharing.
GridFTP is a high-performance, secure, reliable data transfer protocol optimized for high-bandwidth wide-area networks. GridFTP is a service-layer interface for data transfer. (The higher-level, access-layer interface is Globus transfer, see above.) The GridFTP protocol is based on FTP, the highly-popular Internet file transfer protocol. We have selected a set of protocol features and extensions defined already in IETF RFCs and added a few additional features to meet requirements from current data grid projects.
Enables remote login and shell access using X.509 credentials. Programs can fork/exec the GSI OpenSSH client and send shell commands to be executed on the remote machine.
UNICORE is a Grid middleware offering services for program execution and data movement on remote computers via the internet. It specializes on massively parallel applications typically running on large computing clusters and supercomputers utilizing their resource management systems (job schedulers and batch systems) to distribute work efficiently.
Enables asynchronous publishing of and subscription to HPC resource information.
Enables synchronous update (REST POST) and query (REST GET) of cyberinfrastructure resource information. Provides access to public information, and to restricted information for authenticated clients.
Enables synchronous publishing and query based discovery of UNICORE infrastructure resource information.
CILogon provides a standards-compliant OpenID Connect (OAuth 2.0) interface to federated authentication. Clients can use this interface to authenticate users via their home campus identity providers (e.g., via InCommon SAML authentication) and optionally obtain short-lived X.509 certificates for users.
Implements WS-Trust standard for Secure Token Service (STS), with variants for GFFS grid user, Kerberos and Globus Auth authentication processes.
Globus Auth is a foundational identity and access management (IAM) platform service, used for brokering authentication and authorization interactions between end-users, identity providers, resource servers (services), and clients (including web, mobile, desktop, and command line applications, and other services).
Globus Auth is compliant with the OAuth2 and OpenID Connect standards, but extends them to support use cases that are beyond the scope of those standards.
Integrating MyProxy clients into your application allows you to authenticate and obtain X.509 certificates for your users. Using the MyProxy client API with the myproxy.xsede.org server allows applications to verify XSEDE Kerberos passwords and obtain short-lived XSEDE-accepted certificates.
The MyProxy OAuth API allows clients to authenticate users and obtain X.509 certificates for users. It is compliant with OAuth 1.0a, OAuth 2.0, and OpenID Connect. Using the MyProxy OAuth API with the oa4mp.xsede.org server allows clients to authenticate XSEDE users and obtain XSEDE-accepted short-lived certificates.