Authorization in One Dep

[sofyalaski]

There are three ways to authorize in OneDep

• ORCID -> hyperlink to ORCID authorization, start new deposition, email is pre-typed. This sends an email to the connected address with depositionID and password (once logged in, appears in the list of active deposition jobs)
• upon creation of new deposition, user needs to provide an email, depositionID and password will be sent
• use depositionID and password

It makes most sense to use a simple way and to create a new deposition, put the email from the account connected to SciCat.
However, there is no way to avoid a manual entry of the password, as it will be sent to the user, and no way to scrape it. Also, when accessing this deposition at a later timepoint, there is no way to keep that password safe, as there are no private fields in the dataset schema and it can be specified that a certain file has different permission settings than the rest.

[sofyalaski]

if deposition is not new, keep the ID of deposition but prompt for a password every time

[sbliven]

Let's ask EBI about this. Maybe they can provide an API to generate a new password from scicat, or else a way to start a deposition without obtaining the password directly.

[sofyalaski]

Ask EMDB teams, how can we obtain the token for OneDep

[sbliven]

Worse case, we can redirect users to onedep and ask them to generate the token and paste it in the uploader. Better would be an endpoint for generating the token given a valid ORCID login