Close

Presentation

Student Technical Paper
Technical Paper
:
Securing Your Applications and Services with Globus Auth
Event Type
Student Technical Paper
Technical Paper
Facilitation Tags
Facilitation
Data
IDM
Technical Paper Tags
Technical Paper
Student Technical Paper
TimeWednesday, July 2510:45am - 11am
DescriptionGlobus Auth is a foundational identity and access management (IAM) platform-as-a-service (PaaS) that allows developers to quickly and easily create secure web, mobile, desktop, and command line applications and services. Leveraging the OAuth2 and OpenID Connect (OIDC) open standards, Globus Auth provides login and identity linking services for existing identity federations such as InCommon, social login services such as Google and ORCID, and other facility identities such as XSEDE, Blue Waters, and NERSC. Globus Auth also provides OAuth2 token issuance and validation that service developers can use to secure their own REST APIs using standard OAuth2.

In this talk we will introduce Globus Auth and describe how it implements common security constructs. We will walk through how web applications can use Globus Auth to enable login with existing user credentials, and how the same mechanisms can be used by command line applications to automate tasks such as recurring data synchronization and distribution of user selected data sets. We will also discuss how Globus Auth can be used to secure remote execution via SSH. Fully functional sample code will be provided to illustrate the web application and automation scenarios.