Accessing iRODS

Accessing iRODS#

Unlike other IT facilities, iRODS is not by default set up for all users. Please read the text below to find out how you can obtain access to iRODS.

SRAM#

SURF Research Access Management (SRAM) is a platform that allows institutions to delegate access to research services for researchers. It enables quick, easy, and secure management of research collaborations. The service is built on established international agreements for authorization and authentication in education and research, and is hosted by Surf, the Dutch national cooperation of education and research on IT matters.

SRAM employs the infrastructure of its members (the Universities themselves) to do the actual authentication of people. It allows us to make iRods available to users inside and outside of TU Delft.

Through Edu-ID, it is possible for external users to identify themselves to SRAM, even when they are not affiliated with an academic institute.

Signing up#

SRAM works on an invitation basis, so if you are not yet registered in iRODS, find an iRODS contactperson and have them invite you. You will receive the invitation in your email. Click on the link in the invitation and follow these steps:

  1. Accept the SRAM invitation (if needed)

  2. Log in to SRAM at sram.surf.nl with your TU Delft NetID

  3. Click on the tab “Collaborations”

  4. Click on “TU Delft iRods”

  5. Click on “Applications”

  6. Click on “Create application token”

  7. Give your token a name, copy the application token itself into your password manager. This is the only time you will be able to do that!

    Important

    Yes: you do really need a password manager!

  8. Click Save!

  9. Also, while logged in, click on your name (Top right corner) and select “Profile”. Note the value for “Username”. Often, but not always, this will be your NetID. This is your SRAM-id. You will need this to log in to iRODS. Add this to your password manager entry that you created above!

Token expiration

Please note that your token will be valid for 6 weeks and then it will expire. After this period you need to re-activate your token bij following steps 2 to 5, selecting your token, and clicking “Reactivate”.

Background on SRAM#

At TU Delft, our policies and procedures emphasize easy and secure access to research services. The first step in using iRODS is establishing a secure connection between your computer and our iRODS instance(s). Like other services provided by the TU Delft, we have established our secure connection through the concept of NetID and SURF Research Access Management, from now on called SRAM. The following steps will guide you to connect to iRODS through SRAM.

You may wonder why the procedure to access iRODS is different from the one accessing most other digital systems at TU Delft (where NetID/Password) is used. There are two main reasons for this:

  1. External user access

Research data, and management of that data, is often handled in projects involving participants from outside TU Delft, be it in other universities or outside of academia. NetID would not enable us to do this.

  1. Programmatic access

iRODS by its nature will be accessed often through automated scripts, for instance when automatically uploading measurement data. These scripts need to authenticate to iRODS. From a security perspective it is highly undesirable to somehow enable these scripts to use a user’s NetID password. Therefore we use an application token. These also involve a security risk when stolen, but that risk is limited in impact (only usable in iRODS) and in time (lifetime will expire quite soon).

Warning

Notwithstanding the above impact analysis: always be careful to protect your application token. Treat it as a valuable password!

Contents