• Authentication Tools


    oidc-agent is a set of tools to manage OpenID Connect tokens and make them easily usable from the command line. It follows the ssh design, so you can handle OIDC tokens in a similar way as you would do with ssh keys. If you are using or designing an API which relies on OICD authentication, these tools will come really handy to you and your users. All credentials are stored in encrypted ways (when on Disk or in RAM).

    It is developed in C and has one of the biggest quality ranks according to lgtm.com, not only of EOSC but of all Github projects. The project was created at 2017 and the last published version when this article was written was 4.2.4. With more than 200 issues solved at the main repository at Github, the project is on a very advanced state which you can freely enjoy at you Linux and MacOS distribution. A windows version is currently being developed.

    More information about oidc-agent can be found at:


    OIDC Tokens are a very handy and secured way to handle user identification and authorisation between systems, especially in a federated environment such as EOSC. However, their short life is a problem on tasks where the execution time can be longer than the expiration time of the token. Such tasks are not rare in a scientific community such EOSC. To solve this issues, mytoken was developed to provide OIDC Access Tokens for example to long-running compute jobs.

    Mytoken is a web service to obtain OpenID Connect Access Tokens in an easy but secure way for extended periods of time and across multiple devices. Mytoken focuses on integration with the command line through a command line client but also offers a web interface for users who prefer managing their tokens with a browser. If you liked oidc-agent and you need to execute long lived tasks on cloud or HPC, this tool is definitely for you.

    More information about mytoken can be found at: