Seqera Platform Feature Requests

We would like to be able to authenticate to MySQL database with Microsoft EntraID due to security regulations. Entra ID Use Entra ID with MySQL database

Optionally make Nginx redirect all /login links to /oauth/login/oidc Should be a one-line addition to the Nginx file.

We have the Okta integration working, but the button offering the option says "Sign in with OpenID Connect" and our users are confused by it. Every other service we have offers "Login with Okta". Can we customize this button somehow to mention "Okta"?

The current process to create a Tower agent credential is: From credentials select Tower agent will give details on the usage including a connection id . The user has to go the HPC, download the agent then run it. The user now can click on add to add the agent on Tower. I am not sure if step 2 is mandatory here! I think the user experience would be better if the user does not need to run the agent here. Just do the whole creation at once on Tower. And when needed run the agent or Tower will complain. It seems to me that this step is mainly to get the connection id and this does not need to have the agent running. Again, I am not sure what is going on in the background but I thought to highlight this as I think it can be improved.

I noticed that my Enterprise tower instance logs me out much faster than tower.nf does. Is there a setting that controls the timeout value for logins and can this be increased so that we don't need to log in as often?

I'm looking at joining some existing systems to the Seqera Platform, and building some new ones surrounding it. Users log in to those systems and they might request a Seqera Platform Nextflow pipeline to run, or to view the Nextflow Pipeline Run status and metadata, as well as metadata from other places. We're currently moving our SSO system to OpenID Connect through Okta, and having the ability to pass on the JWT based Access Token to Seqera Platform to make requests with a logged in users identity would make this much more possible. As a basic flow: A user logs in to Application A, and gains an Access Token and an Identity Token from Okta. The user views a Nextflow pipeline run, and surrounding metadata and decides to rerun it. In Application A, the user clicks rerun. A request is made to Seqera Platform with the users' Access Token as a Bearer token. Seqera Platform can either validate the JWT is correct or make a request to Okta to check its valid (or both). Seqera Platform validates access, kicking off a Nextflow Pipeline Run on the relevant compute environment. Application A polls the Seqera Platform for updates.

The Seqera Platform API currently allows both PAT and JWT token authentication. PAT: Used for accessing the API using long term access keys JWT: Used for accessing the API with a browser app interaction Allowing access to the Tower APIs via a JWT token acquired programmatically in order to integrate the Tower API into a separate third-party service using an OIDC authentication provider would be another option. This would allow the implementation of an SSO (single sign-on) experience between the third-party application and the Tower backend API.