Skip to content Skip to navigation

XSEDE API Documentation

XSEDE has identified over 60 user facing use cases that document specific ways users need to use XSEDE's infrastructure. From those user facing use cases XSEDE distilled 12 canonical use cases that document the core (common) system functions needed by user facing use cases.

XSEDE has delivered production components supporting almost all the core (common) system functions in the canonical use cases and many of the 60 user facing use cases, thus enabling users to perform some (but not all) of the functions in those use cases.

This page documents XSEDE production components that have APIs and provides pointers to API documentation and client coding examples that software and service developers, such as Science Gateways developers, can reference.

The following 13 APIs are grouped by category. Click on the links in the tables below for more information about each API.


Data: Movement and Management (3 APIs)

1. Genesis II GFFS

Provides global file system for researcher data sharing and job submission.

Related Services

2. Globus Transfer

Globus' transfer service is software-as-a-service for file transfer and sharing. Designed specifically for researchers, Globus provides fast, reliable, and secure file transfer among XSEDE resources or between an XSEDE resource and another machine (such as a campus cluster, lab server, or personal computer). Globus is core campus bridging technology that enables researchers to scale their computational research from the desktop, across campus, and to national cyberinfrastructure. Beyond file transfer, Globus allows researchers to securely share data with collaborators directly from existing systems, without investing in additional campus or cloud storage just for the purposes of sharing.

Related Services

3. GridFTP

GridFTP is a high-performance, secure, reliable data transfer protocol optimized for high-bandwidth wide-area networks. In the XSEDE system architecture, GridFTP is a service-layer interface for data transfer. (The higher-level, access-layer interface is Globus transfer, see above.) The GridFTP protocol is based on FTP, the highly-popular Internet file transfer protocol. We have selected a set of protocol features and extensions defined already in IETF RFCs and added a few additional features to meet requirements from current data grid projects.



Execution: Job Execution and Management (2 APIs)

1. GSI OpenSSH

Enables remote login and shell access using X.509 credentials. Programs can fork/exec the GSI OpenSSH client and send shell commands to be executed on the remote machine.

API Documentation
Related Services
Related Use Cases

2. UNICORE / Execution Management Service

UNICORE is a Grid middleware offering services for program execution and data movement on remote computers via the internet. It specializes on massively parallel applications typically running on large computing clusters and supercomputers utilizing their resource management systems (job schedulers and batch systems) to distribute work efficiently.

Related Use Cases


Information: Publishing and Discovery (3 APIs)

1. AMQP Publishing and Subscribe


2. REST API Publish and Query

Enables synchronous publishing and query based discovery of XSEDE infrastructure resource information.

API Documentation
Related Services

3. UNICORE Registry



Security: Authentication, Authorization, and Identity Management (5 APIs)

1. CILogon

CILogon provides a standards-compliant OpenID Connect (OAuth 2.0) interface to federated authentication. Clients can use this interface to authenticate users via their home campus identity providers (e.g., via InCommon SAML authentication) and optionally obtain short-lived X.509 certificates for users.

API Documentation
Related Services

2. Genesis II WS-STS

Implements WS-Trust standard for Secure Token Service (STS), with variants for GFFS grid user, Kerberos and Globus Auth authentication processes.


3. Globus Identity Management

Globus Auth is a foundational identity and access management (IAM) platform service, used for brokering authentication and authorization interactions between end-users, identity providers, resource servers (services), and clients (including web, mobile, desktop, and command line applications, and other services).

Globus Auth is compliant with the OAuth2 and OpenID Connect standards, but extends them to support use cases that are beyond the scope of those standards.

Related Services

4. MyProxy

Integrating MyProxy clients into your application allows you to authenticate and obtain X.509 certificates for your users. Using the MyProxy client API with the myproxy.xsede.org server allows applications to verify XSEDE Kerberos passwords and obtain short-lived XSEDE-accepted certificates.

API Documentation
Related Services

5. MyProxy OAuth

The MyProxy OAuth API allows clients to authenticate users and obtain X.509 certificates for users. It is compliant with OAuth 1.0a, OAuth 2.0, and OpenID Connect. Using the MyProxy OAuth API with the oa4mp.xsede.org server allows clients to authenticate XSEDE users and obtain XSEDE-accepted short-lived certificates.

API Documentation