XSEDE Capability Delivery Plan for "IDM-06: Login to a science gateway with an XSEDE identity"

Use Case IDM-06: Login to a web application or science gateway with a community identity

Area: Account Management
URLs: Public, Review

Executive Summary: A community member needs to be able to login to a web application or science gateway (a web application integrated with the community, hereafter referred to as “the gateway”) with a community identity so the gateway can securely interact with community services on behalf of the user.

Organization: 
XSEDE
First CDP: 2018-08-25
Current CDP: 2018-08-25
Current Implementation Status: 
Issues Remaining: 
Time & Effort Summary: 

No effort or changes are proposed at this time.

Significant Revisions:
  • 2018-08-25 14:22 (current revision)
This capability is currently supported by the following 2 components:
Component User facing? Component’s role in the capability
Globus Auth yes Globus Auth is the Web Single-sign-on service for XSEDE. Globus Auth provides an OpenID Connect (OIDC) interface that allows users to authenticate using any OIDC identity provider, significantly including the CILogon OIDC service, which provides OIDC mapping for many of the thousands of InCommon and EduGAIN SAML/Shibboleth identity providers.
XSEDE User Portal (XUP) yes The XSEDE User Portal (XUP) provides the ability for science gateway users to register with XSEDE. A Science Gateway developer can require gateway users to register with XSEDE before being granted access to the gateway, in which case the gateway will have access to the user's XSEDE user profile information, even if the user logs in using a non-XSEDE identity provider on subsequent visits.