The Life Science Login enables researchers to use their home organisation credentials or community or other identities (e.g. Google, Linkedin, LS ID) to sign in and access data and services they need. It also allows service providers (both in academia and industry) to control and manage access rights of their users and create different access levels for research groups or international projects. Life Science Login was formerly known as ELIXIR AAI, run by the European life science network ELIXIR. Now, Life Science Login serves as a common authentication mechanism for services integrated into the Research Data Commons.
Overview
The authentication service Life Science Login allows users to log in to many web services by using a single user account and credentials of their "home organization" (e.g. universities or research institutes). Any life science-related web service based in the European Union can support Life Science Login by becoming a "Service Provider". Life Science Login was chosen as the (first) common authentication method for services in the research data commons (RDC). It allows users of the RDC to log in to all services with the same access credentials.
Status: PRODUCTIVE
Weblink: https://lifescience-ri.eu/ls-login/
Target group:
Keywords: authentication
RDC Integration: connected
Product owner: Life Science RI
RDC Integration
Life Science Login is connected to the RDC as part of the Management & Governance layer in two ways:
- As a common authentication method supported by RDC services (e.g. by BIIGLE).
- As an authentication service that supports user accounts by GFBio as "home organization". This also allows non-academic users to access RDC services.
Getting started
Providers of web services who want to support Life Science Login for authentication can find detailed instructions on this website. The most important document is the instructions for relying parties (where "relying party" is the same as "service provider" in this context). Two authentication protocols are available: SAML 2.0 and OpenID Connect (OIDC, sometimes also called OAuth authentication). OIDC is the more modern protocol which is also used by large authentication providers such as Google, Facebook or GitHub. Many programming languages and web frameworks offer packages that implement most of the logic for OIDC authentication (e.g. Socialite for PHP applications written with the Laravel framework). Packages can either be configured to support Life Science Login directly or can be extended with a small adapter package (like this in the case of Socialite).