Andrea Ceccanti (INFN) Marcus Hardt (KIT-G)
The Indigo Project  set out to develop a data and computing platform targeting scientific communities, deployable on multiple hardware and provisioned over hybrid e-infrastructures. This includes delegation of access tokens to a multitude of (orchestrated) virtual machines or containers as well as authentication of REST calls from and to VMs and other parts of the infrastructure. We introduce different tokens for delegation and tokens for accessing services directly. In this contribution we describe - the Indigo approach to address token handling (delegation tokens, access tokens, ...) - token translation to support SAML, X.509 and more, on client and server side - the plan to include support for VO-managed groups - our approach to providing a more fain grained limitation of delegated access tokens https://www.indigo-datacloud.eu/
Links, references, publications, etc.
Andrea Ceccanti (INFN) Marco Fargetta (INFN) Marcus Hardt (KIT-G) Paul Millar (DESY)
Arsen Hayrapetyan (KIT-G) Mr Bas Wegh (KIT)