Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

A number of cases have arisen in which an external application needs to access user data in Synapse. 

 

Use cases:

1) OneMind Portal

The OneMind Portal is a web-based aggregator of applications, one of which is Synapse.  One goal is single-sign-on, such that users can sign on with any of a variety of web-based identities, and automatically be signed on to each of the aggregated applications.  The OneMind Portal uses Janrain, which allows users to sign-on with any of Google, LinkedIn, Twitter, etc., and to "link" their accounts together so that, for example, logging in with Twitter causes them to also be logged in to LinkedIn and Google.  The missing piece is to allow a OneMind Portal user to "link" their Synapse account, so that logging in with Janrain causes them to be logged into Synapse.

http://1mind4research.org/

2) Shiny integration

Shiny is a web-based generator of web-viewable R content, e.g. interactive graphs.  Synapse allows Shiny content to be embedded in its web UI.  To generate content, an Shiny app may need to access data which is private to a user.  So the Shiny app needs a way to be authorized to access the relevant user data, without having all of the user's authority.  This is a classic OAuth scenario.

2a) IBM whole cell parameter estimation (WCPE) challenge

The WCPE Challenge is working to implement a way for participant to interactively build up a set of files that they will be granted access to by the Shiny widget. Ideally, this would require the Shiny app to know, via some authentication method, exactly who the user is that is visiting the imbedded application. Currently, the work around will be to pass the principalId of the user, but not the sessionToken. This is a sufficient work around for this one use case, but further integration with Shiny (see below) will warrant full auth cross-talk.

2b) Fred's use case 

In this case, a visualization of a patient's genomic profile (via Shiny) is to be displayed to the research team. Since this visualization contains sensitive (private) information, the web app needs to be locked down to specific users. A shared auth system would be ideal for this scenario.

 

 

  • No labels