OIDC Access Tokens for Seqera Platform API
acknowledged
Various Peafowl
I'm looking at joining some existing systems to the Seqera Platform, and building some new ones surrounding it. Users log in to those systems and they might request a Seqera Platform Nextflow pipeline to run, or to view the Nextflow Pipeline Run status and metadata, as well as metadata from other places.
We're currently moving our SSO system to OpenID Connect through Okta, and having the ability to pass on the JWT-based Access Token to Seqera Platform to make requests with a logged-in user's identity would make this much more possible.
As a basic flow:
- A user logs in to Application A, and gains an Access Token and an Identity Token from Okta.
- The user views a Nextflow pipeline run, and surrounding metadata and decides to rerun it.
- In Application A, the user clicks rerun.
- A request is made to Seqera Platform with the user's Access Token as a Bearer token.
- Seqera Platform can either validate the JWT is correct or make a request to Okta to check it's valid (or both).
- Seqera Platform validates access, kicking off a Nextflow Pipeline Run on the relevant compute environment.
- Application A polls the Seqera Platform for updates.
Rob Newman
acknowledged
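The local JWT check from the flow above, as an added example that is not part of the original post and is not Seqera Platform or Okta code. It assumes RS256-signed access tokens; the issuer URL, audience values, key id and the throwaway key pair standing in for the identity provider's JWKS are all constructed.

```javascript
const crypto = require('node:crypto');
const b64u = (s) => Buffer.from(s).toString('base64url');
const fromB64u = (s) => Buffer.from(s, 'base64url');

// Returns the verified claims, or throws with the reason the token was rejected.
function validateAccessToken(token, jwks, { issuer, audience }) {
  const [h, p, s, ...rest] = token.split('.');
  if (!h || !p || !s || rest.length) throw new Error('malformed token');
  const header = JSON.parse(fromB64u(h).toString());
  // Pin the algorithm; never let the token pick "none" or an HMAC variant.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const jwk = jwks.keys.find((k) => k.kid === header.kid);
  if (!jwk) throw new Error('unknown kid');
  const key = crypto.createPublicKey({ key: jwk, format: 'jwk' });
  if (!crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), key, fromB64u(s))) throw new Error('bad signature');
  const claims = JSON.parse(fromB64u(p).toString());
  if (claims.iss !== issuer) throw new Error('wrong issuer');
  // aud may be a string or an array; a token minted for another API must not pass.
  if (![].concat(claims.aud).includes(audience)) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp <= Date.now() / 1000) throw new Error('expired');
  return claims;
}

// Constructed fixture: a throwaway key pair standing in for the identity provider's JWKS.
function makeIssuer(kid) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const jwks = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid }] };
  const sign = (claims, header = { alg: 'RS256', kid }) => {
    const input = `${b64u(JSON.stringify(header))}.${b64u(JSON.stringify(claims))}`;
    return `${input}.${crypto.sign('RSA-SHA256', Buffer.from(input), privateKey).toString('base64url')}`;
  };
  return { jwks, sign };
}

function demo() {
  const idp = makeIssuer('test-key-1');
  const expected = { issuer: 'https://idp.example/oauth2/default', audience: 'api://pipeline-platform' };
  const now = Math.floor(Date.now() / 1000);
  const base = { iss: expected.issuer, aud: expected.audience, sub: 'user@example.com', exp: now + 300 };
  const outcome = (t) => { try { return validateAccessToken(t, idp.jwks, expected).sub; } catch (e) { return e.message; } };
  return {
    valid: outcome(idp.sign(base)),
    otherAudience: outcome(idp.sign({ ...base, aud: 'api://application-a' })),
    expired: outcome(idp.sign({ ...base, exp: now - 1 })),
    algNone: outcome(idp.sign(base, { alg: 'none', kid: 'test-key-1' })),
    foreignKey: outcome(makeIssuer('test-key-1').sign(base)),
  };
}
console.log(demo());
```

The `otherAudience` case is the one that matters when a token is forwarded between services: a token issued for Application A alone is rejected unless the receiving API is also named in `aud`.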