[Girder-users] OAuth and the Girder API
John Roberts
John.Roberts at hsc.utah.edu
Fri Feb 3 19:36:40 EST 2017
Now that we have OAuth running, a number of questions came up:
1. Can we force both web and API authentication to exclusively use
OAuth and disallow the standard user/password login page?
Essentially, we'd be offloading authentication and user
name/password management entirely to the external OAuth server.
2. Does OAuth work with the Girder API?
* Would we need to modify girder_client, for example?
* What if 2-factor is turned on for the OAuth server?
My current read of the girder_client is that it will not handle OAuth as
a means of authentication. I haven't figured out whether the underlying
Girder API has a hook for directly invoking the Oauth authentication
process.
My colleague envisions users interacting with data on Girder using API
calls from a Jupyter hub client. Perhaps we could manage the
authentication process using apikeys in that case, if OAuth isn't
integrated in the Girder API authentication methods.
Thanks,
John.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://public.kitware.com/pipermail/girder-users/attachments/20170203/535ee8d9/attachment.html>
More information about the Girder-users
mailing list