Welcome to XSEDE's OIDC (OpenID Connect) OAuth 2.0 for MyProxy delegation page!
This page simply contains information about the XSEDE project's OIDC OAuth 2.0 MyProxy delegation service. To access the functionality, you will need a gateway and a login on MyProxy. There is not much a user can do directly with this site. This page is aimed at portal and gateway developers.

What does it do?

This service allows a user to authenticate and optionally request a certificate from MyProxy for use by a Client/gateway. This is based on the OAuth for MyProxy code base. In that documentation, a gateway will be using the client code. When a gateway needs to authenticate a user or needs a certificate to do something on a user's behalf, it initiates a request to this site. The user authorizes this at this portal (not the gateway which would be insecure). The certificate is then obtained and returned to the gateway.

How does it do it?

Magic. Well, not quite. You can read the specification for all the gory details (and there are a lot of them, I might add). Suffice to say it is nontrivial.

Gateway sources

If you are looking to set up a gateway, then you should read up how to set up an OAuth for MyProxy client on how to get the sources, build them (if needed) and incorporate them into your gateway. The details are put into a very simple service API so adding this functionality to your gateway should be quite straightforward -- that is the aim.

Gateway registration

To register your gateway with the XSEDE OA4MP OIDC service, be sure to look at Registering A Gateway which describes how to do this.

Portal sources

Finally, there is Getting Started which details how to get, build and deploy a portal to do MyProxy delegation. Further information can be found on the XSEDE Developer page.