Hi,
I was hoping to get some input on the correct way to go about using a Globus
from a third party application.
I have an application that uses Globus for the data transfer
aspects. Users can submit transfers from the application. The application has
GCS endpoints that it manages. However, we want to let users transfer data from
any GCS endpoint to the endpoints managed by the application. One of the challenges
I’m hitting is when they want to transfer data from a GCS endpoint at organization
“A” to a GCS endpoint managed by our application they are required to reauthenticate
with the organization.
Side note. Many organizations have the GCS endpoints configured with a session
timer. 30 minutes after the user authenticates with the organization the
session times out.
The problem I’m hitting is not that a session times out but
rather that there seems to be no way to reauthenticate non-interactively with
the organization after the timeout occurs. Users are required to retrigger the
Oauth2 code authorization flow which requires manual interaction.
I can conceive a solution where organization “A” provides users with the ability to create
client credentials. However, even if a user had client credentials through organization
“A” I don’t believe there is a way to use them through Globus to re-establish a
secure connection. This becomes problematic for long lasting workflows or
automated workflows. How do Globus flows deal with this problem? Are users
still required to reauthenticate with the organization after the 30 minute
session timeout, I would assume so?
Happy to explain more if my explanation is not clear.