Executive Summary: A science gateway developer needs to enable a gateway to acquire credentials that allow the gateway to use community resources and/or services. A community resource is a resource provided to the community by a service provider (e.g., a compute cluster, a storage system). A community service is a service that adds value to the community’s resources (e.g., single sign-on, data transfer, user support).
No effort or changes are proposed at this time.
Component | User facing? | Component’s role in the capability |
---|---|---|
Globus Auth | yes | Globus Auth is the Web Single-sign-on service for XSEDE. Globus Auth provides an OpenID Connect (OIDC) interface that allows users to authenticate using any OIDC identity provider, significantly including the CILogon OIDC service, which provides OIDC mapping for many of the thousands of InCommon and EduGAIN SAML/Shibboleth identity providers. |
XSEDE User Portal (XUP) | yes | The XSEDE User Portal (XUP) provides the ability for science gateway users to register with XSEDE. A Science Gateway developer can require gateway users to register with XSEDE before being granted access to the gateway, in which case the gateway will have access to the user's XSEDE user profile information, even if the user logs in using a non-XSEDE identity provider on subsequent visits. |