Globus Auth service
Globus Auth is a foundational identity and access management platform service designed to address unique needs of the science and engineering community. It serves to broker authentication and authorization interactions between end-users, identity providers, resource servers (services), and clients (including web, mobile, desktop, and command line applications, and other services).
Globus Auth thus makes it easy, for example, for a researcher to authenticate with one credential, connect to a specific remote storage resource with another identity, and share data with colleagues based on another identity. By eliminating friction associated with the frequent need for multiple accounts, identities, credentials, and groups when using distributed cyberinfrastructure, Globus Auth streamlines the creation, integration, and use of advanced research applications and services. Globus Auth builds upon the OAuth 2 and OpenID Connect specifications to enable standards-compliant integration using existing client libraries. It supports identity federation models that enable diverse identities to be linked together, while also providing delegated access tokens via which client services can obtain short term delegated tokens to access other services.
Many research communities have adopted Globus Auth to facilitate access to their resources and services, including NCAR’s Research Data Archive and Wellcome Sanger’s Imputation Service.
Explore Globus Auth
- Use the Globus Auth Developer’s Guide to get started.
- See how to access the service via the Globus Python SDK.
- Experiment with the platform via Jupyter notebooks.
- Globus Auth API Reference.
- Read the paper on Globus Auth
- The Modern Research Data Portal, a proven design pattern for providing secure, scalable, and high performance access to research data, is built using Globus platform services.