Identity Management Update for Fall 2022
This article is intended to review developments in 2022 to build a comprehensive and unified identity management (i.e. user login) system, serving IRIS customers as well as our geodetic partners currently served by UNAVCO.
A Unified Login Portal
The first half of the year saw work on a single portal for users to log in to both IRIS and UNAVCO web sites. Jointly developed with UNAVCO and released in June, this Auth0-supported solution permits single sign-on authentication via a federation of identity providers, as supplied by CILogon.
What this means for users is that they can log in to IRIS and UNAVCO sites using their own institutional credentials, provided they are a part of the CILogon federation.
For IRIS users, we have begun the transition from the older form of web site log in to this new Auth0 portal. Though you can log in using the old or new option, we will begin phasing out the old login system early next year. IRIS and UNAVCO will continue to use this login portal after the EarthScope merger in 2023 and will serve as your single entry point for all facilities that you seek to use.
Supported Data Access
IRIS tied its internal authentication and authorization systems to this new login format over the course of the summer, completing work in August. Much of the user experience has not changed during this transition, but in the process we introduced a new user profile page on the IRIS site that provides certain new controls for data access.
- First is an access key generator that provides a time-limited access password that users will make use of for authenticated web service access to data.
- Second is a decryption key for encrypted deliveries of restricted data, primarily used by the BREQ_FAST batch access tool.
- Finally, there is a section that shows the restricted data sets that you are allowed access to. Users can request access to restricted data sets by way of a selector tool, which forwards the inquiry to the principal investigator for consideration.
The updated login system is now tied to existing restricted data access and web page settings that current users of IRIS have set. When transitioning to using the Auth0 portal, we ask that you establish your login there using the same email address for your past IRIS logins. This will ensure that you maintain a connection to your settings.
An Informational Page
In the past couple of months, we have put together an informational web page that serves to explain the identity management journey for IRIS and provide guidelines for users that make use of our services to discover and access free and open geophysical data sets.
We walk you through the new login and registration process, and show you what the user experience looks like as you log in to the IRIS web site and begin your data exploration. At the top of the page, we also provide references to helpful guides, the first being some command line examples of using authenticated access to IRIS Web Services.
The information on this page will continue to be updated as our facilities evolve around identified user data access and conveniences. So be sure to bookmark this page and refer back regularly.
Roadmap for the Future
As you may know, IRIS is undergoing a fundamental transformation in 2023, merging with the respected GAGE facility operated by UNAVCO. This will form a new organization with a singular data facility that seeks to break new ground in data center design and capabilities. For the next couple of years, we will continue to sustain our existing facilities while we work with you on a gradual shift to new facilities and capabilities. We will place identity management at the intersection between all of these services so that you only need to log in once for identified access.
Identity Management is one of the fundamental pillars of our new venture, seeking to improve our relationship with the scientific and educational community through shared awareness of access and convenient custom experiences that will make your work more productive and your science more achievable. The unified, federated login portal is just one of many examples you will see that represent a joining of forces to serve you and all who benefit from always-available Earth science data.
by Rob Casey (IRIS Data Management Center) and Adam Clark (IRIS DMC)