Versions Compared

Old Version 15

changes.mady.by.user Marina Adomeit

Saved on

compared with

New Version 16

changes.mady.by.user Mohácsi János

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

(consider 2 aspects: producer side and consumer side)

(guidance only - currentlz a bit technical)

  • Would it help to provide options for the service types? E.g. Please select the most appropriate service types for services in your RI:
    a. Browser Accessible Service: A service that provides a web interface that can be accessed by users using their browsers (e.g. A research data visualisation tool accessible through a web browser).

    b. API Consumed by or on behalf of Users: A service that provides an API that can be consumed programmatically by the end users or by other services using user-delegated credentials. (e.g. A data analysis API allowing researchers to programmatically retrieve and analyse datasets).

    c. API Consumed by Services: A service that provides an API meant to be consumed by other services. These services do not act on behalf of the user but have their own access rights to the API (e.g. A workflow management system might offer an API for other services to submit data jobs, monitor progress, and retrieve results.).

    d. Client consuming Service APIs using delegated user identities: A client that uses access tokens authorised/delegated by end users and which can use these access tokens to access “APIs Consumed by or on behalf of Users” (e.g. A research collaboration platform might offer an API for data analysis tools. Researchers can authorise these tools to access their research data stored on the platform using delegated access tokens).

    e. Client consuming other Service APIs using its own client identity: A client that uses its own identity and access token to access “APIs Consumed by Services” (e.g. A tool accessing a storage service API using its own client credentials to transfer data).

    f. Public Access: A service that does not require users to be authenticated and authorised before they can access its resources (e.g. A public dataset repository where anyone can access datasets without needing to log in). - two sides to this question: on ingress of data into a data source, and on egress, which may be un-authenticated. Does your infra need to distinguish between these two cases?

...