RESTful HTTP-API for the B2STAGE service inside the EUDAT project
Before deploying in production your B2STAGE HTTP-API server you should evaluate which mechanisms suites your use case for authentication.
There are two main available options:
B2ACCESS is the service that holds the official/global EUDAT authentication across the whole international infrastructure.
Your application must be registered as a client for the B2ACCESS OAUTH protocol. If you don’t have such registration you can proceed with the following steps:
register a new account link on the websiteOauth 2.0 Client Registration FormOAuth client return URL indicate https://YOUR_SERVER/auth/authorizeB2ACCESS_ prefix).Once you start the B2STAGE server with the two variables B2ACCESS_ACCOUNT and B2ACCESS_SECRET set, the related endpoints will be activated (you may double-check this inside your /api/specs JSON content).
Please read also how the authentication works for a user here
Warning: there is an ongoing issue between B2SAFE and B2ACCESS on their trust of chain based on X509 certificates. Only the development instance of B2ACCESS is known to work correctly at the time of writing.
For more informations please ask in the dedicated chat channel.
B2SAFE offers through its iRODS server a local management of users which is not related to the EUDAT centralized accounting.
Once you start the B2STAGE server without setting the two variables B2ACCESS_ACCOUNT and B2ACCESS_SECRET (which is the default as for the current open issues), the related endpoints will be activated (you may double-check this inside your /api/specs JSON content).
Please read also how the authentication works for a user here.