There are currently different authorisation methods used for different parts of the system:
- AWS IAM credentials to acceess the S3 import bucket
- Certificate-based authorisation to access the VPNs
- Fed-BioMed local user database to access the Fed-BioMed local node gui
It would be better to combine/replace these mechanisms to simplify the user experience and user maintenance. Ideally this would use a standard such as OAuth2 which could be integrated with existing SSO accounts (e.g. AAD) and take advantage of MFA.
There are currently different authorisation methods used for different parts of the system:
It would be better to combine/replace these mechanisms to simplify the user experience and user maintenance. Ideally this would use a standard such as OAuth2 which could be integrated with existing SSO accounts (e.g. AAD) and take advantage of MFA.