Researcher Auth Service Initiative
About the Researcher Auth Service Initiative
The NIH is the largest biomedical research agency in the world and home to many valuable data resources and platforms at the forefront of data science for data research. These resources are currently located in separate systems with each system requiring a separate login even if it uses the same credentials as another system.
Because these resources are currently siloed, researchers must manage multiple credentials when attempting to access multiple NIH-funded data platforms while conducting their research. Researchers are unable to move from system to system using one set of credentials, which causes delays in accessing information and completing full research exercises.
To reduce the burden on researchers’ access to data, the Researcher Auth Service (RAS) will be a service provided by NIH's Center for Information Technology to facilitate access to NIH’s open and controlled data assets and repositories in a consistent and user-friendly manner. The RAS initiative is advancing data infrastructure and ecosystem goals defined in the NIH Strategic Plan for Data Science.
Using human-centered design principles, RAS will combine input from researchers and the work of partner institutions on the initiative to design a user experience that reduces points of friction throughout the process (e.g., eliminating or reducing the need for researchers to have to furnish distinct/multiple credentials).
Security is another driving factor for the RAS services; increased protection of intellectual resources through automated logging of user activities will facilitate easier investigation and activity tracing in the event of a cyber security incident.
The service offerings explains the authentication, authorization, and logging services available to NIH Institutes and Centers and extramural systems desiring information about users requesting to access NIH’s open and controlled data assets and repositories through RAS.
January 2020 Partner Development Workshop
The RAS team hosted a workshop at NIH to provide partners with an update on the current state of RAS and the identity and access data available in RAS. The workshop also provided participants an opportunity to agree on the design for each RAS integration use case (interoperability step-by-step, application-to-application) and define the data to be contained within the tokens.
In addition to the participating NIH ICs, the following organizations were present: University of Chicago, Gen3, Children’s Hospital of Philadelphia (CHOP), Broad, Renaissance Computing Institute (RENCI), Seven Bridges, Globus, Johns Hopkins, University of Maryland, and Institute for Systems Biology (ISB).
Important progress was made toward finalizing the initial architecture for the first phase of RAS-IC System integration use cases (CRDC/AnVIL, KFDRC/BioData Catalyst), and discussions were initiated for phase two integrations (NDA, AoU, CFDE, NCBI). RAS also gathered requirements for security, technical research spikes, the first NIH-dbGaP Visa (based on GA4GH standards), and longer-term requirements.
RAS in 2020
NIH expects to deploy in late 2020 a set of APIs that will allow seamless access to researchers for integrated data repositories. A researcher accessing NIH data resources can log in with any one of their preferred credentials (eRA Commons, ORCID or Google) and they would then be able to access any integrated repository without having to log in again. Existing rules for authorization will be enforced so a user can only access data that he or she has been authorized to view.
RAS uses open standards and protocols and provides integrating systems with many standards-based options for integration. These integrations will allow NIH staff to log into participating external institutes/applications using their NIH or eRA credentials.
Participating NIH Systems:
- Common Fund: Gabriella Miller Kids First Pediatric Data Resource Center (KFDRC), Common Fund Data Ecosystem (CFDE)
- National Center for Biotechnology Information: Database of Genotypes and Phenotypes (dbGaP)
- National Human Genome Research Institute: Genomic Data Science Analysis, Visualization, and Informatics Lab-space (AnVIL)
- National Cancer Institute: Cancer Research Data Commons (CRDC)
- National Heart, Lung, and Blood Institute: BioData Catalyst (formerly DataSTAGE)
- Office of the Director: All of Us
- National Institute of Mental Health: National Institute of Mental Health Data Archive (NDA)
Milestones
October 2019 – Globus-eRA Integration: Foundational Milestone for New Researcher Auth Service
NIH staff and extramural researchers with an electronic Research Administration (eRA) Commons account can now use those credentials with Globus to access resources and services. This integration is the result of a partnership between the NIH Center for Information Technology and Globus, a division of the University of Chicago that provides data management capabilities—including managed data transfer and sharing—to research organizations.
When a researcher visits Globus, he or she will be able to login using eRA Commons credentials thanks to the OpenID Connect protocol. This new NIH capability provides greater flexibility and can be rapidly adopted and extended to support other integration partners in the future.
This page last reviewed on April 15, 2020