CMS Token Transition Article Swipe

PDF

Brian Bockelman , Rahul Chauhan , D. Ciangottini , Dave Dykstra , Edita Kizinevič , Stephan Lammel , Marco Mascheroni , Sarun Nuntaviriyakul , Panos Paparrigopoulos , Alan Malta Rodrigues , Chan-anun Rungphitakchai , Eric Wayne Vaandering , Vaiva Zokaite ·

YOU? · · 2025 · Open Access · · DOI: https://doi.org/10.1051/epjconf/202533701170

Within the LHC community, a momentous transition has been occurring in authorization. For nearly 20 years, services within the Worldwide LHC Computing Grid (WLCG) have been authorized based on mapping an identity, derived from an X.509 credential, or a group/role, derived from a VOMS extension issued by the experiment. A fundamental shift is occurring to capabilities: the credential, a bearer token, asserts the authorizations of the bearer, not the identity. By the HL-LHC era, the CMS experiment plans for the transition to tokens, based on the WLCG Common JSON Web Token profile, to be complete. Services in the technology architecture include the INDIGO Identity and Access Management server to issue tokens; a HashiCorp Vault server to store and refresh access tokens for users and jobs; a managed token bastion server to push credentials to the HTCondor CredMon service; and HTCondor to maintain valid tokens in long-running batch jobs. We will describe the transition plans of the experiment, current status, configuration of the central authorization server, lessons learned in commissioning token-based access with sites, and operational experience using tokens for both job submissions and file transfers.

Related Topics

Sleep Token

Dade-Collier Training And Transition Airport

Just Transition

Epidemiological Transition

Within Temptation

Sundowning (Sleep Token Album)

Transition From Ming To Qing

Transition Metal

A Dream Within A Dream

Werewolves Within (Film)

Token (Rapper)

The Colors Within

Concepts

No concepts available.

Metadata

Type: article
Language: en
Landing Page: https://doi.org/10.1051/epjconf/202533701170
PDF: https://www.epj-conferences.org/articles/epjconf/pdf/2025/22/epjconf_chep2025_01170.pdf
OA Status: diamond
References: 5
OpenAlex ID: https://openalex.org/W4414882348

All OpenAlex metadata

Raw OpenAlex JSON

OpenAlex ID: https://openalex.org/W4414882348

Canonical identifier for this work in OpenAlex
DOI: https://doi.org/10.1051/epjconf/202533701170

Digital Object Identifier
Title: CMS Token Transition

Work title
Type: article

OpenAlex work type
Language: en

Primary language
Publication year: 2025

Year of publication
Publication date: 2025-01-01

Full publication date if available
Authors: Brian Bockelman, Rahul Chauhan, D. Ciangottini, Dave Dykstra, Edita Kizinevič, Stephan Lammel, Marco Mascheroni, Sarun Nuntaviriyakul, Panos Paparrigopoulos, Alan Malta Rodrigues, Chan-anun Rungphitakchai, Eric Wayne Vaandering, Vaiva Zokaite

List of authors in order
Landing page: https://doi.org/10.1051/epjconf/202533701170

Publisher landing page
PDF URL: https://www.epj-conferences.org/articles/epjconf/pdf/2025/22/epjconf_chep2025_01170.pdf

Direct link to full text PDF
Open access: Yes

Whether a free full text is available
OA status: diamond

Open access status per OpenAlex
OA URL: https://www.epj-conferences.org/articles/epjconf/pdf/2025/22/epjconf_chep2025_01170.pdf

Direct OA link when available
Cited by: 0

Total citation count in OpenAlex
References (count): 5

Number of works referenced by this work

Full payload

id	https://openalex.org/W4414882348
doi	https://doi.org/10.1051/epjconf/202533701170
ids.doi	https://doi.org/10.1051/epjconf/202533701170
ids.openalex	https://openalex.org/W4414882348
fwci	0.0
type	article
title	CMS Token Transition
biblio.issue
biblio.volume	337
biblio.last_page	01170
biblio.first_page	01170
topics[0].id	https://openalex.org/T10715
topics[0].field.id	https://openalex.org/fields/17
topics[0].field.display_name	Computer Science
topics[0].score	0.9995999932289124
topics[0].domain.id	https://openalex.org/domains/3
topics[0].domain.display_name	Physical Sciences
topics[0].subfield.id	https://openalex.org/subfields/1705
topics[0].subfield.display_name	Computer Networks and Communications
topics[0].display_name	Distributed and Parallel Computing Systems
topics[1].id	https://openalex.org/T10054
topics[1].field.id	https://openalex.org/fields/17
topics[1].field.display_name	Computer Science
topics[1].score	0.9854000210762024
topics[1].domain.id	https://openalex.org/domains/3
topics[1].domain.display_name	Physical Sciences
topics[1].subfield.id	https://openalex.org/subfields/1708
topics[1].subfield.display_name	Hardware and Architecture
topics[1].display_name	Parallel Computing and Optimization Techniques
topics[2].id	https://openalex.org/T11181
topics[2].field.id	https://openalex.org/fields/17
topics[2].field.display_name	Computer Science
topics[2].score	0.9850999712944031
topics[2].domain.id	https://openalex.org/domains/3
topics[2].domain.display_name	Physical Sciences
topics[2].subfield.id	https://openalex.org/subfields/1705
topics[2].subfield.display_name	Computer Networks and Communications
topics[2].display_name	Advanced Data Storage Technologies
is_xpac	False
apc_list
apc_paid
language	en
locations[0].id	doi:10.1051/epjconf/202533701170
locations[0].is_oa	True
locations[0].source.id	https://openalex.org/S19068271
locations[0].source.issn	2100-014X, 2101-6275
locations[0].source.type	journal
locations[0].source.is_oa	True
locations[0].source.issn_l	2100-014X
locations[0].source.is_core	True
locations[0].source.is_in_doaj	True
locations[0].source.display_name	EPJ Web of Conferences
locations[0].source.host_organization	https://openalex.org/P4310319748
locations[0].source.host_organization_name	EDP Sciences
locations[0].source.host_organization_lineage	https://openalex.org/P4310319748
locations[0].source.host_organization_lineage_names	EDP Sciences
locations[0].license	cc-by
locations[0].pdf_url	https://www.epj-conferences.org/articles/epjconf/pdf/2025/22/epjconf_chep2025_01170.pdf
locations[0].version	publishedVersion
locations[0].raw_type	journal-article
locations[0].license_id	https://openalex.org/licenses/cc-by
locations[0].is_accepted	True
locations[0].is_published	True
locations[0].raw_source_name	EPJ Web of Conferences
locations[0].landing_page_url	https://doi.org/10.1051/epjconf/202533701170
locations[1].id	pmh:oai:doaj.org/article:a49e79bdd5e941a7b22e56848a22424f
locations[1].is_oa	False
locations[1].source.id	https://openalex.org/S4306401280
locations[1].source.issn
locations[1].source.type	repository
locations[1].source.is_oa	False
locations[1].source.issn_l
locations[1].source.is_core	False
locations[1].source.is_in_doaj	False
locations[1].source.display_name	DOAJ (DOAJ: Directory of Open Access Journals)
locations[1].source.host_organization
locations[1].source.host_organization_name
locations[1].license
locations[1].pdf_url
locations[1].version	submittedVersion
locations[1].raw_type	article
locations[1].license_id
locations[1].is_accepted	False
locations[1].is_published	False
locations[1].raw_source_name	EPJ Web of Conferences, Vol 337, p 01170 (2025)
locations[1].landing_page_url	https://doaj.org/article/a49e79bdd5e941a7b22e56848a22424f
indexed_in	crossref, doaj
authorships[0].author.id	https://openalex.org/A5101621571
authorships[0].author.orcid	https://orcid.org/0000-0003-2981-3809
authorships[0].author.display_name	Brian Bockelman
authorships[0].author_position	first
authorships[0].raw_author_name	Brian Bockelman
authorships[0].is_corresponding	False
authorships[1].author.id	https://openalex.org/A5063604840
authorships[1].author.orcid	https://orcid.org/0000-0001-6831-0273
authorships[1].author.display_name	Rahul Chauhan
authorships[1].author_position	middle
authorships[1].raw_author_name	Rahul Chauhan
authorships[1].is_corresponding	False
authorships[2].author.id	https://openalex.org/A5114378035
authorships[2].author.orcid	https://orcid.org/0000-0002-0843-4108
authorships[2].author.display_name	D. Ciangottini
authorships[2].author_position	middle
authorships[2].raw_author_name	Diego Ciangottini
authorships[2].is_corresponding	False
authorships[3].author.id	https://openalex.org/A5082448170
authorships[3].author.orcid
authorships[3].author.display_name	Dave Dykstra
authorships[3].author_position	middle
authorships[3].raw_author_name	Dave Dykstra
authorships[3].is_corresponding	False
authorships[4].author.id	https://openalex.org/A5032353101
authorships[4].author.orcid
authorships[4].author.display_name	Edita Kizinevič
authorships[4].author_position	middle
authorships[4].raw_author_name	Edita Kizinevic
authorships[4].is_corresponding	False
authorships[5].author.id	https://openalex.org/A5112391967
authorships[5].author.orcid
authorships[5].author.display_name	Stephan Lammel
authorships[5].author_position	middle
authorships[5].raw_author_name	Stephan Lammel
authorships[5].is_corresponding	False
authorships[6].author.id	https://openalex.org/A5103751755
authorships[6].author.orcid
authorships[6].author.display_name	Marco Mascheroni
authorships[6].author_position	middle
authorships[6].raw_author_name	Marco Mascheroni
authorships[6].is_corresponding	False
authorships[7].author.id	https://openalex.org/A5119872673
authorships[7].author.orcid
authorships[7].author.display_name	Sarun Nuntaviriyakul
authorships[7].author_position	middle
authorships[7].raw_author_name	Sarun Nuntaviriyakul
authorships[7].is_corresponding	False
authorships[8].author.id	https://openalex.org/A5000377248
authorships[8].author.orcid
authorships[8].author.display_name	Panos Paparrigopoulos
authorships[8].author_position	middle
authorships[8].raw_author_name	Panos Paparrigopoulos
authorships[8].is_corresponding	False
authorships[9].author.id	https://openalex.org/A5103950008
authorships[9].author.orcid
authorships[9].author.display_name	Alan Malta Rodrigues
authorships[9].author_position	middle
authorships[9].raw_author_name	Alan Malta Rodrigues
authorships[9].is_corresponding	False
authorships[10].author.id	https://openalex.org/A5119872671
authorships[10].author.orcid
authorships[10].author.display_name	Chan-anun Rungphitakchai
authorships[10].author_position	middle
authorships[10].raw_author_name	Chan-anun Rungphitakchai
authorships[10].is_corresponding	False
authorships[11].author.id	https://openalex.org/A5020715735
authorships[11].author.orcid	https://orcid.org/0000-0003-3207-6950
authorships[11].author.display_name	Eric Wayne Vaandering
authorships[11].author_position	middle
authorships[11].raw_author_name	Eric Vaandering
authorships[11].is_corresponding	False
authorships[12].author.id	https://openalex.org/A5119872672
authorships[12].author.orcid
authorships[12].author.display_name	Vaiva Zokaite
authorships[12].author_position	last
authorships[12].raw_author_name	Vaiva Zokaite
authorships[12].is_corresponding	False
has_content.pdf	True
has_content.grobid_xml	False
is_paratext	False
open_access.is_oa	True
open_access.oa_url	https://www.epj-conferences.org/articles/epjconf/pdf/2025/22/epjconf_chep2025_01170.pdf
open_access.oa_status	diamond
open_access.any_repository_has_fulltext	False
created_date	2025-10-10T00:00:00
display_name	CMS Token Transition
has_fulltext	False
is_retracted	False
updated_date	2025-11-06T03:46:38.306776
primary_topic.id	https://openalex.org/T10715
primary_topic.field.id	https://openalex.org/fields/17
primary_topic.field.display_name	Computer Science
primary_topic.score	0.9995999932289124
primary_topic.domain.id	https://openalex.org/domains/3
primary_topic.domain.display_name	Physical Sciences
primary_topic.subfield.id	https://openalex.org/subfields/1705
primary_topic.subfield.display_name	Computer Networks and Communications
primary_topic.display_name	Distributed and Parallel Computing Systems
cited_by_count	0
locations_count	2
best_oa_location.id	doi:10.1051/epjconf/202533701170
best_oa_location.is_oa	True
best_oa_location.source.id	https://openalex.org/S19068271
best_oa_location.source.issn	2100-014X, 2101-6275
best_oa_location.source.type	journal
best_oa_location.source.is_oa	True
best_oa_location.source.issn_l	2100-014X
best_oa_location.source.is_core	True
best_oa_location.source.is_in_doaj	True
best_oa_location.source.display_name	EPJ Web of Conferences
best_oa_location.source.host_organization	https://openalex.org/P4310319748
best_oa_location.source.host_organization_name	EDP Sciences
best_oa_location.source.host_organization_lineage	https://openalex.org/P4310319748
best_oa_location.source.host_organization_lineage_names	EDP Sciences
best_oa_location.license	cc-by
best_oa_location.pdf_url	https://www.epj-conferences.org/articles/epjconf/pdf/2025/22/epjconf_chep2025_01170.pdf
best_oa_location.version	publishedVersion
best_oa_location.raw_type	journal-article
best_oa_location.license_id	https://openalex.org/licenses/cc-by
best_oa_location.is_accepted	True
best_oa_location.is_published	True
best_oa_location.raw_source_name	EPJ Web of Conferences
best_oa_location.landing_page_url	https://doi.org/10.1051/epjconf/202533701170
primary_location.id	doi:10.1051/epjconf/202533701170
primary_location.is_oa	True
primary_location.source.id	https://openalex.org/S19068271
primary_location.source.issn	2100-014X, 2101-6275
primary_location.source.type	journal
primary_location.source.is_oa	True
primary_location.source.issn_l	2100-014X
primary_location.source.is_core	True
primary_location.source.is_in_doaj	True
primary_location.source.display_name	EPJ Web of Conferences
primary_location.source.host_organization	https://openalex.org/P4310319748
primary_location.source.host_organization_name	EDP Sciences
primary_location.source.host_organization_lineage	https://openalex.org/P4310319748
primary_location.source.host_organization_lineage_names	EDP Sciences
primary_location.license	cc-by
primary_location.pdf_url	https://www.epj-conferences.org/articles/epjconf/pdf/2025/22/epjconf_chep2025_01170.pdf
primary_location.version	publishedVersion
primary_location.raw_type	journal-article
primary_location.license_id	https://openalex.org/licenses/cc-by
primary_location.is_accepted	True
primary_location.is_published	True
primary_location.raw_source_name	EPJ Web of Conferences
primary_location.landing_page_url	https://doi.org/10.1051/epjconf/202533701170
publication_date	2025-01-01
publication_year	2025
referenced_works	https://openalex.org/W2150360808, https://openalex.org/W3101426655, https://openalex.org/W3195894324, https://openalex.org/W2091967155, https://openalex.org/W1572461703
referenced_works_count	5
abstract_inverted_index.A	49
abstract_inverted_index.a	4, 38, 42, 58, 111, 125
abstract_inverted_index.20	14
abstract_inverted_index.By	70
abstract_inverted_index.We	148
abstract_inverted_index.an	30, 34
abstract_inverted_index.be	93
abstract_inverted_index.by	46
abstract_inverted_index.in	10, 96, 144, 167
abstract_inverted_index.is	52
abstract_inverted_index.of	64, 154, 160
abstract_inverted_index.on	28, 84
abstract_inverted_index.or	37
abstract_inverted_index.to	54, 81, 92, 108, 115, 130, 133, 140
abstract_inverted_index.CMS	75
abstract_inverted_index.For	12
abstract_inverted_index.LHC	2, 20
abstract_inverted_index.Web	89
abstract_inverted_index.and	104, 117, 123, 138, 173, 182
abstract_inverted_index.for	78, 121, 178
abstract_inverted_index.has	7
abstract_inverted_index.job	180
abstract_inverted_index.not	67
abstract_inverted_index.the	1, 18, 47, 56, 62, 65, 68, 71, 74, 79, 85, 97, 101, 134, 151, 155, 161
abstract_inverted_index.Grid	22
abstract_inverted_index.JSON	88
abstract_inverted_index.VOMS	43
abstract_inverted_index.WLCG	86
abstract_inverted_index.been	8, 25
abstract_inverted_index.both	179
abstract_inverted_index.era,	73
abstract_inverted_index.file	183
abstract_inverted_index.from	33, 41
abstract_inverted_index.have	24
abstract_inverted_index.push	131
abstract_inverted_index.will	149
abstract_inverted_index.with	171
abstract_inverted_index.Token	90
abstract_inverted_index.Vault	113
abstract_inverted_index.X.509	35
abstract_inverted_index.based	27, 83
abstract_inverted_index.batch	146
abstract_inverted_index.issue	109
abstract_inverted_index.jobs.	147
abstract_inverted_index.jobs;	124
abstract_inverted_index.plans	77, 153
abstract_inverted_index.shift	51
abstract_inverted_index.store	116
abstract_inverted_index.token	127
abstract_inverted_index.users	122
abstract_inverted_index.using	176
abstract_inverted_index.valid	142
abstract_inverted_index.(WLCG)	23
abstract_inverted_index.Access	105
abstract_inverted_index.Common	87
abstract_inverted_index.HL-LHC	72
abstract_inverted_index.INDIGO	102
abstract_inverted_index.Within	0
abstract_inverted_index.access	119, 170
abstract_inverted_index.bearer	59
abstract_inverted_index.issued	45
abstract_inverted_index.nearly	13
abstract_inverted_index.server	107, 114, 129
abstract_inverted_index.sites,	172
abstract_inverted_index.token,	60
abstract_inverted_index.tokens	120, 143, 177
abstract_inverted_index.within	17
abstract_inverted_index.years,	15
abstract_inverted_index.CredMon	136
abstract_inverted_index.asserts	61
abstract_inverted_index.bastion	128
abstract_inverted_index.bearer,	66
abstract_inverted_index.central	162
abstract_inverted_index.current	157
abstract_inverted_index.derived	32, 40
abstract_inverted_index.include	100
abstract_inverted_index.learned	166
abstract_inverted_index.lessons	165
abstract_inverted_index.managed	126
abstract_inverted_index.mapping	29
abstract_inverted_index.refresh	118
abstract_inverted_index.server,	164
abstract_inverted_index.status,	158
abstract_inverted_index.tokens,	82
abstract_inverted_index.tokens;	110
abstract_inverted_index.HTCondor	135, 139
abstract_inverted_index.Identity	103
abstract_inverted_index.Services	95
abstract_inverted_index.describe	150
abstract_inverted_index.maintain	141
abstract_inverted_index.profile,	91
abstract_inverted_index.service;	137
abstract_inverted_index.services	16
abstract_inverted_index.Computing	21
abstract_inverted_index.HashiCorp	112
abstract_inverted_index.Worldwide	19
abstract_inverted_index.complete.	94
abstract_inverted_index.extension	44
abstract_inverted_index.identity,	31
abstract_inverted_index.identity.	69
abstract_inverted_index.momentous	5
abstract_inverted_index.occurring	9, 53
abstract_inverted_index.Management	106
abstract_inverted_index.authorized	26
abstract_inverted_index.community,	3
abstract_inverted_index.experience	175
abstract_inverted_index.experiment	76
abstract_inverted_index.technology	98
abstract_inverted_index.transfers.	184
abstract_inverted_index.transition	6, 80, 152
abstract_inverted_index.credential,	36, 57
abstract_inverted_index.credentials	132
abstract_inverted_index.experiment,	156
abstract_inverted_index.experiment.	48
abstract_inverted_index.fundamental	50
abstract_inverted_index.group/role,	39
abstract_inverted_index.operational	174
abstract_inverted_index.submissions	181
abstract_inverted_index.token-based	169
abstract_inverted_index.architecture	99
abstract_inverted_index.long-running	145
abstract_inverted_index.authorization	163
abstract_inverted_index.capabilities:	55
abstract_inverted_index.commissioning	168
abstract_inverted_index.configuration	159
abstract_inverted_index.authorization.	11
abstract_inverted_index.authorizations	63
cited_by_percentile_year
countries_distinct_count	0
institutions_distinct_count	13
citation_normalized_percentile.value	0.55842669
citation_normalized_percentile.is_in_top_1_percent	False
citation_normalized_percentile.is_in_top_10_percent	True