Managed identities
Managed identities offer significant advantages for high performance computing (HPC) environments by enabling granular access control for individual workspace users. Unlike traditional SSH credentials that grant all workspace users access to HPC clusters using the same set of credentials, managed identities ensure each user’s activity is logged under their own credentials.
Path and query parameters
Name | Type | Location | Req/Opt | Description |
|---|---|---|---|---|
| integer | query | Optional | Organization numeric identifier. Append to list managed identities within an organization other than the requester's default. |
| string | query | Optional | Filter search parameter. Supports free text search on name and keywords: |
| integer | query | Optional | Maximum number of results to return. Default: |
| integer | query | Optional | Number of results to skip for pagination. Default: |
| integer | path | Required | Managed identity numeric identifier. |
| boolean | query | Optional | If |
| integer | query | Optional | User numeric identifier. Filter managed credentials by specific user. |
| integer | path | Required | Managed credentials numeric identifier. |
Request body parameters
Name | Type | Req/Opt | Description |
|---|---|---|---|
CreateManagedIdentity | Create managed identity | ||
name | string | Optional | Unique name for the managed identity. Must consist of alphanumeric, dash, or underscore characters. |
platform | string | Optional | HPC platform type for this managed identity. |
config | object | Optional | |
config.workDir | string | Optional | Nextflow work directory on the cluster's shared file system. Must be an absolute path and credentials must have read-write access. |
config.preRunScript | string | Optional | Add a script that executes in the nf-launch script prior to invoking Nextflow processes. See Pre and post-run scripts. |
config.postRunScript | string | Optional | Add a script that executes after all Nextflow processes have completed. See Pre and post-run scripts. |
config.nextflowConfig | string | Optional | Additional Nextflow configuration to apply. See Nextflow config file. |
config.launchDir | string | Optional | Directory where Nextflow runs. Must be an absolute path and credentials must have read-write access. If omitted, defaults to |
config.userName | string | Optional | Username for SSH connection to HPC head node. |
config.hostName | string | Optional | Hostname or IP address of HPC head node. |
config.port | integer | Optional | SSH port. Default: |
config.headQueue | string | Optional | The name of the queue on the cluster used to launch the Nextflow execution. |
config.computeQueue | string | Optional | The name of queue on the cluster to which pipeline jobs are submitted. Can be overridden by the pipeline configuration. |
config.maxQueueSize | integer | Optional | The maximum number of jobs Nextflow can submit to the queue simultaneously. Default: |
config.headJobOptions | string | Optional | Additional submit options for the Nextflow head job. |
config.propagateHeadJobOptions | boolean | Optional | If true, |
UpdateManagedIdentity | Update managed identity | ||
managedIdentity | object | Optional | |
managedIdentity.id | integer | Optional | Managed identity numeric identifier. |
managedIdentity.name | string | Optional | Name of the managed identity. |
managedIdentity.platform | string | Optional | HPC platform type. |
managedIdentity.config | object | Optional | |
managedIdentity.config.workDir | string | Optional | Nextflow work directory on the cluster's shared file system. Must be an absolute path and credentials must have read-write access. |
managedIdentity.config.preRunScript | string | Optional | Add a script that executes in the nf-launch script prior to invoking Nextflow processes. See Pre and post-run scripts. |
managedIdentity.config.postRunScript | string | Optional | Add a script that executes after all Nextflow processes have completed. See Pre and post-run scripts. |
managedIdentity.config.nextflowConfig | string | Optional | Additional Nextflow configuration to apply. See Nextflow config file. |
managedIdentity.config.launchDir | string | Optional | Directory where Nextflow runs. Must be an absolute path and credentials must have read-write access. If omitted, defaults to |
managedIdentity.config.userName | string | Optional | Username for SSH connection to HPC head node. |
managedIdentity.config.hostName | string | Optional | Hostname or IP address of HPC head node. |
managedIdentity.config.port | integer | Optional | SSH port. Default: |
managedIdentity.config.headQueue | string | Optional | The name of the queue on the cluster used to launch the Nextflow execution. |
managedIdentity.config.computeQueue | string | Optional | The name of queue on the cluster to which pipeline jobs are submitted. Can be overridden by the pipeline configuration. |
managedIdentity.config.maxQueueSize | integer | Optional | The maximum number of jobs Nextflow can submit to the queue simultaneously. Default: |
managedIdentity.config.headJobOptions | string | Optional | Additional submit options for the Nextflow head job. |
managedIdentity.config.propagateHeadJobOptions | boolean | Optional | If true, |
CreateManagedCredentials | Create managed credentials | ||
provider | string | Optional | Authentication provider type. Currently supports |
credentials | object | Optional | |
credentials.id | string | Optional | |
credentials.name | string | Required | |
credentials.description | string | Optional | |
credentials.provider | string | Required | |
credentials.baseUrl | string | Optional | |
credentials.category | string | Optional | |
credentials.deleted | boolean | Optional | |
credentials.lastUsed | string | Optional | |
credentials.dateCreated | string | Optional | |
credentials.lastUpdated | string | Optional | |
credentials.keys | object | Optional | |
credentials.keys.discriminator | string | Optional | |
metadata | object | Optional | |
metadata.discriminator | string | Optional | Type discriminator for metadata structure (read-only). |
UpdateManagedCredentials | Update managed credentials | ||
provider | string | Optional | Authentication provider type. Currently supports |
credentials | object | Optional | |
credentials.id | string | Optional | |
credentials.name | string | Required | |
credentials.description | string | Optional | |
credentials.provider | string | Required | |
credentials.baseUrl | string | Optional | |
credentials.category | string | Optional | |
credentials.deleted | boolean | Optional | |
credentials.lastUsed | string | Optional | |
credentials.dateCreated | string | Optional | |
credentials.lastUpdated | string | Optional | |
credentials.keys | object | Optional | |
credentials.keys.discriminator | string | Optional | |
metadata | object | Optional | |
metadata.discriminator | string | Optional | Type discriminator for metadata structure (read-only). |