Skip to content

Using your identity programmatically

For programmatic access to restricted content using your collaboration identity (basically everything not done interactively in a web browser) there are a number of different technologies currently supported.

Which one to choose depends on the service to which you are connecting, and what you want to be able to do. The pages linked below give the general details for each technology, however specialist usage may be required depending on the use case.

Try searching for a specific term

You may find the specific information for your use case by searching for the term(s) in the search dialogue.

Type / to start searching.

Kerberos

Kerberos is a network authentication protocol supported by a number of IGWN Computing services. Users can generate a ticket-granting ticket tied to their identity that can be used to authenticate against services.

For more details, see Kerberos.

SciTokens

SciTokens is a capability-based authorisation system whereby tokens are issued that grant access to perform specific actions on specific services (for example to query for segment information from the Segment Database).

For more details, see SciTokens.

X.509

The IGWN collaborations rely heavily on a technology standard called X.509 to authenticate users and authorise access to data and services.

In a typical workflow, users authenticate using their institutional or collaboration identity to create an X.509 credential that is valid for a short amount of time (normally a few days). This credential can then be leveraged to gain access to various computing centres and services.

For more details, see X.509 Authentication.