Accessing iRODS#
At TU Delft, our policies and procedures emphasize easy and secure access to research services. The first step in using iRODS is establishing a secure connection between your computer and our iRODS instance(s). Like other services provided by the TU Delft, we have established our secure connection through the concept of NetID and SURF Research Access Management, from now on called SRAM. The following steps will guide you to connect to the iRODS/ManGO through SRAM by considering your operation system.
Introduction to SRAM#
SURF Research Access Management (SRAM) is a platform that allows institutions to delegate access to research services for researchers. It enables quick, easy, and secure management of research collaborations. The service is built on established international agreements for authorization and authentication in education and research, and is hosted by Surf, the Dutch national cooperation of education and research on IT matters.
SRAM employs the infrastructure of its members (the Universities themselves) to do the actual authentication of people. It allows us to make iRods available to users inside and outside of TU Delft.
Signing up#
Before you can start using iRODS, you will need to sign up for the service. This is a one-time process that will establish your identity, and enable you to authenticate with the iRODS service.
After signing an agreement, and data management plan between TU Delft’s iRODS team and project leader(s)/member(s)/researcher(s)/data stewards/data managers, users will receive an invitation email
You will first need to accept the invitation by clicking “Join this collaboration”. Afterward, you will be guided to the SRAM page in which you have to choose login with Delft University of Technology
You will then be asked to provide your NetID and your password in order to connect in the ‘normal’ TU Delft authentication process. Note that authentication will be 2-factor based, so you will either receive an SMS message or need to provide a code from your authenticator app.
You are now only one step away from being able to access iRODS, and that is setting up your access token.
SRAM identity#
If you are a member of the TU Delft community, you are probably very aware of your NetID, your digital identity for everything IT related inside TU Delft. However, since iRODS is potentially open to users from outside TU Delft, it is not a given that your username in iRODS will be the same as your NetID. In order to find out your username for the iRODS service you can go to SRAM, and click in the top right corner on your name and select ‘Profile’. You will see an overview page with some data on it. The line reading ‘Username’ will show your username within iRODS. In many cases this username will be identical to your NetID, but this is not always the case!
Token based authentication#
Day-to-day authentication to iRODS is based on token authentication. This token can be considered as a dedicated password for only the iRODS service, it will not be usable for anything else. Tokens can only be created after authenticating with SRAM. You should create a service token as soon as you log into SRAM by navigating to the ‘Service tokens’ tab and clicking on the blue button ‘Create application token’.
You will need to provide a name for your token. Be sure to copy the application token to somewhere safe where you can keep it. We recommend you use a password manager for storing these kind of data. This will be the only time you can see the token, so if you don’t store it now, you will not be able to use it!
After storing it, click ‘Save’ and you are good to go!
Now that you have established your SRAM identity and your service token, you are ready to log in to iRODS!
Token renewal#
When creating your token, you may have noticed that there is an expiry date attached to it. This expiry date is by default set one month in the future. After that date has passed your token will not work anymore. However, there is an easy way to bring your token back to life! Simply go into the token overview in SRAM, click on the token, and select the blue button ‘Reactivate’ at the bottom of the screen. After this your token will be usable again for another month!