CILogon is an architectural component of the Extreme Science and Engineering Discovery Environment (XSEDE) as specified in the XSEDE Architecture Level 3 Decomposition. CILogon and XSEDE staff are working together on integration activities via the XSEDE engineering process. This page documents methods for using CILogon in the XSEDE architecture. New content will be added as CILogon-XSEDE integration activities progress.
XSEDE User Portal
The XSEDE User Portal uses CILogon for federated authentication, so you can sign in using your campus or Google identity. To use this option, click the "Other Sign In Options" button at https://portal.xsede.org/.
Then select your identity provider (optionality choosing to "Remember this selection"), and log in.
The first time you log in to the XSEDE User Portal via CILogon, you will be prompted to connect your federated identity to an existing XSEDE account or to create a new XSEDE account.
This one-time process configures your XSEDE account to accept your federated identity for authentication.
To manage your federated identities, visit your XSEDE Profile page at https://portal.xsede.org/group/xup/profile and click the "Manage Other Logins" link.
The Globus transfer service provides high-performance, secure file transfer to/from/between XSEDE service providers as part of the XSEDE User Access Services (XUAS). CILogon provides support for campus authentication to Globus via the InCommon federation.
To log on to Globus via CILogon, visit: https://www.globus.org/SignIn#provider=cilogon.org
XSEDE Service Provider Access
To access XSEDE service providers using your CILogon certificate, it is necessary to register your CILogon certificate with XSEDE. First, visit https://cilogon.org/xsede to obtain your certificate. Choose your university's identity provider and click the Log On button. After you authenticate at your identity provider, you will return to the "Get Your Certificate" page, shown below.
Highlight your "Certificate Subject" (for example: "/DC=org/DC=cilogon/C=US/O=University of Illinois at Urbana-Champaign/CN=James Basney A534") and copy/paste it into a document for your records. You will need to register this value with XSEDE, as described below. Be sure to copy/paste the full string starting with "/DC=org" and ending with a number like "534".
Enter a new password for your certificate into the two text boxes, click "Get New Certificate", then click the "Click Here To Download Your Certificate" link to download your usercred.p12 file containing your certificate.
Now, to register your CILogon certificate with XSEDE, open your Profile page on the XSEDE User Portal at https://portal.xsede.org/group/xup/profile (shown below).
Click the "Manage DNs" button on the left, then paste your CILogon Certificate Subject (that you previously saved in a document for your records) into the text box, then click the "Add DN" button. This will register your CILogon certificate with XSEDE. (Note: It may take up to one business day for XSEDE service providers to process your registration.)
Now that your CILogon certificate is registered with XSEDE, you can use it to access XSEDE service provider systems using gsissh:
CILogon Silver Certificates
Due to XSEDE’s support for the REFEDS Assurance Framework, XSEDE users on active allocations can obtain higher assurance X.509 certificates from the CILogon Silver CA. These higher assurance X.509 certificates are required for access to some XSEDE partner infrastructures, such as the European Grid Infrastructure (EGI). XSEDE users on active allocations should see "Level of Assurance: Silver" (as shown below) when logging on at https://cilogon.org/ with their XSEDE identities. Users can visit https://portal.xsede.org/allocations/usage to confirm that they are on an active XSEDE allocation. Visit https://ca.cilogon.org/policy/silver for more details about CILogon Silver certificates, including a list of Frequently Asked Questions and instructions for system administrators to configure their systems for CILogon Silver certificates.