HTTPS, authentication, and reverse proxy

Has anyone created a secure web server, with CryoSPARC as the reverse proxy, and used basic authentication to pass user credentials directly to the master server? This should allow external authentication for CryoSPARC, and save users from needing to remember one more password.

Our preference is that users log themselves in to run jobs so that we have some chance of determining which projects are associated with which user. It sounds like you’re proposing using http basic auth to invoke a single sign on to Cryosparc?

Hi @DavidHoover,

It’s common to deploy cryoSPARC behind a reverse proxy and it should work in the same way you would host any other website or web application. Keep in mind we recommend doing this on an internal (institutional) network and/or use an authentication service that is more robust than HTTP basic authentication. Cloudflare for Teams is a good example.

I wouldn’t recommend passing HTTP basic authentication credentials downstream to the cryoSPARC web application for logging in.

Please let me know if you have any other questions!

- Suhail