90 minutes session planned in the first day afternoon
- Input from WPs (15 minutes per contribution)
- Discussion on joint actions across WPs on AAI (30 minutes)
Kay: 10 minutes are enough for WP3, WP3 mostly needs authentication flexibility (repos will be open, so authz shouldn't be a big concern)
AC: WP5 can take the extra 5 minutes.
## Proposed session topics
Understand key AAI requirements across the ESCAPE cluster (with focus on data access)
- How are users and agents authenticated?
- What’s the authorization model? What’s the delegation model? How are authorization privileges and policies managed?
- What are the legacy auhtn/authz mechanisms that must be supported?
- Understand what are the key software components that needs to be integrated and whether the integration requires changes in the software
Ideally each WP presentation could try to give answers to the above questions.
## Identify an initial set of cross-WP integration use cases
- Higher level services access and manage data in a secured manner, using the data lake AAI
- What are the software components that will be integrated?
Zheng: As a first WP5 objective, we want to enable federated login against IAM ESCAPE from the Science Platform Portal. Initially can be flat and later we can have finer grained authz based on group information. IAM Escape federated login for Astron already working for Zheng. Now integration in a set of django services needs to start.
Andrea: I could give a training webinar on OIDC/IAM integration, and we could followup that with an hackathon/face-2-face hands-on session to sort out integration issues for the science analysis platform portal and other services. The Webinar could happen right after the Brussells meeting, and then we can schedule the hackathon.