Globus Connect Server Manager API
The Globus Connect Server Manager API provides interfaces for configuring a GCS endpoint and managing storage gateways, user credentials, and collections.
The GCS API follows the REST design model, with resources representing storage gateways and their policies, user credentials, and collections.
All operations return a variation of the Result data type, defines the base message and response code, extended with operation-specific response data.
Changes
1.30.0
-
GCS 5.4.78 release
-
Added support for multiple S3 keys based on a pattern match to a bucket/object path prefix.
1.29.0
-
GCS 5.4.76 release
-
Added support for overriding the endpoint’s network use parameters to storage_gateway#1.3.0.
-
collection#1.11.0 adds acl_expiration_mins for high assurance guest collections
1.28.0
-
GCS 5.4.74 release
-
collection#1.10.0 adds acl_expiration_mins for high assurance mapped collections
1.26.0
-
GCS 5.4.72 release
-
connector#1.1.0 adds is_ha and is_baa fields for high assurance subscriptions
1.25.0
-
GCS 5.4.71 release
-
Mapped collection owner can be changed on managed endpoints by using the new /collections/<uuid:collection_id>/owner API endpoint.
1.23.0
-
GCS 5.4.69 release
-
Mapped collections are delete protected on creation unless the document explicitly disables it. Existing collections are not changed.
1.21.0
-
GCS 5.4.67 release
-
Mapped collection admins can view the roles of attached guest collections.
-
Collection schema collection#1.1.0 now accepts
~
incollection_base_path
. -
Sharing restrict paths and sharing policies allow $HOME and ~ when root_path is /.
1.20.0
-
GCS 5.4.66 release
-
Add read-only earliest_last_access property to the endpoint. This is the date when this endpoint started tracking last_access on collections. Clients can use this value to determine bounds on whether this collection was never accessed or not accessed since the endpoint started tracking that information.
-
Add login_name policy to the HPSS storage gateway.
1.19.0
-
GCS 5.4.65 release
-
Add allow_any_account to the storage gateway connector policies of connectors that use oauth2 user credentials: Azure Blob, Box, Google Cloud Storage, Google Drive, and OneDrive.
-
Google Cloud Storage collections are no longer required to be associated with a project.
1.18.0
-
GCS 5.4.60 release
-
Add the read-only created_at and last_access properties to the collection schema.
-
Add new filter query parameter value to GET /api/collections to allow filtering collections by created_at or last_access property values.
-
Add new API for deleting multiple guest collections in one request.
1.16.0
-
GCS 5.4.58 release
-
Allow users with an administrator role on a mapped collection to delete guest collections associated with that collection.
-
GET /storage_gateways no longer quietly ignores private_policies
1.15.0
-
GCS 5.4.57 release
-
Add guest_auth_policy_id for collections
-
Increase maxLength of user_message to 256
-
Clarify visibility of root_path on guest collections
-
Add delete_protected for collections
1.14.0
-
GCS 5.4.55 release
-
Add endpoint#1.1.0 document type to support setting GridFTP control port to something other than 443
1.11.0
-
GCS 5.4.43 release
-
Add API routes for endpoint and collection advertised owner_string.
-
Add HPSS connector
1.7.0
-
GCS 5.4.21 release
-
Added support for the multi-factor requirement to storage gateways
-
Added force_verify to collection#1.4.0
-
Add ActiveScale connector
1.6.0
-
GCS 5.4.18 release
-
Add OneDrive connector and related policy documents
-
Replace google-cloud-platform-connector module with a more correct oauth-credential-api module.
-
Add support for user sharing policies
1.4.0
-
GCS 5.4.13 release
-
Add custom domain APIs: the
/endpoint/domain
and/collections/{collection_id}/domain
route and thecustom_domain#1.0.0
document.
1.3.0
-
GCS 5.4.10 release
-
Add POSIX staging connector and related policy documents.
-
Add iRODS connector and related policy documents
1.2.0
-
GCS 5.4.8 release
-
Add
sharing_users_allow
,sharing_users_deny
to the Collection document (collection#1.2.0
) -
Add
sharing_groups_allow
,sharing_groups_deny
to the Posix Collection Policies document (posix_collection_policies#1.1.0
)
Authorization
API Authorization
The operations provided by this API may be authorized with the following authorization methods:
PublicAuthorizer
The PublicAuthorizer allows the operation if the endpoint
document’s public
property is true
.
RoleAuthorizer
A Role authorizer parses the request and the roles assigned to the current user. If one of the roles is in the listed set, then the operation is authorized. Understood roles are:
endpoint:owner
- Endpoint owner
endpoint:administrator
- Endpoint administrator
endpoint:activity_manager
- Endpoint activity_manager
endpoint:activity_monitor
- Endpoint activity_monitor
collection:administrator:*
- Collection administrator for any collection on this endpoint
collection:activity_manager:*
- Collection activity_manager for any collection on this endpoint
collection:activity_monitor:*
- Collection activity_monitor for any collection on this endpoint
collection:access_manager:*
- Collection access_manager for any collection on this endpoint
collection:administrator:{collection_id}
- Collection administrator for the collection being operated on
collection:activity_manager:{collection_id}
- Collection activity_manager for the collection being operated on
collection:activity_monitor:{collection_id}
- Collection activity_monitor for the collection being operated on
collection:access_manager:{collection_id}
- Collection access_manager for the collection being operated on
collection:administrator:{mapped_collection_id}
- Collection administrator for the mapped collection associated with the guest collection that is being being operated on
collection:activity_manager:{mapped_collection_id}
- activity_manager for the mapped collection associated the guest collection that is being being operated on
collection:activity_monitor:{mapped_collection_id}
- activity_monitor for the mapped collection associated the guest collection that is being being operated on
collection:access_manager:{mapped_collection_id}
- access_manager for the mapped collection associated the guest collection that is being being operated on
StorageGatewayAuthorizer
The StorageGatewayAuthorizer allows the operation if the caller’s identity set is allowed by the policies of a storage gateway. The parameter to this authorizer is one of the following:
*
- Any storage gateway
{storage_gateway_id}
- Either the storage gateway that was passed in to this operation, or the storage gateway that the resource (either a user credential or collection) is associated with.
Versioning
Versioning
API Versioning
The GCS Manager API uses semantic versioning for its API versioning. The version of the API described in this document is 1.32.0.
Connectors
Each Connector providing access to a type of storage will have its own semantic version. This version describes the API specific to that connector, including its input and output document formats and any additional URL routes that it provides.
API Document Versions
Each document in the Globus Connect Server Manager API includes
a DATA_TYPE
property that indicates the type and version of the
document. When a document with a given DATA_TYPE
is used in a
document, the document must validate against the schema defined
for that document type. Note that extensions may be allowed based
on the definition of that type.
Details
Get GCS service information
GET /api/info
Returns information about the GCS Manager service for this endpoint, as well as additional features such as connectors that it provides as extensions to the API defined in this document.
This operation can be performed without an Authorization
header.
Query Parameters
Parameter | Type | Description |
---|---|---|
page_size |
integer <int> |
Maximum page size for a paginated response |
marker |
string |
Pagination marker for a paginated response |
Responses
200 - Get info response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "connector#1.0.0",
"display_name": "POSIX",
"id": "string",
"version": "string"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
Endpoint
Endpoint
A GCS Endpoint is an entity that represents an access point to data storage. In GCSv5, this includes the following types of items:
-
One or more Storage Gateways which define policies to access specific data storage rooted in some sort of file system or object store. In this version of the specification, ActiveScale, Azure Blob Storage, BlackPearl, Box, Ceph, Google Drive, Google Cloud Storage, HPSS, iRODS, OneDrive, POSIX, and S3 Storage Gateways are supported.
-
One or more Collections, which may define either a set of data on a Storage Gateway that is shared with other Globus users or publicly, or a set of data on a Storage Gateway that Globus users access with their own local or cloud accounts.
-
One or more nodes which define physical servers providing access to the GCS endpoint resources.
Endpoint Overview
Method | API Path | Description |
---|---|---|
|
Set the endpoint subscription id |
|
|
Set endpoint owner string |
|
|
Reset advertised owner string |
|
|
Set endpoint owner |
|
|
Get endpoint definition |
|
|
Update an endpoint |
|
|
Update an endpoint |
Details
Set the endpoint subscription id
PUT /api/endpoint/subscription_id
Change the subscription_id of this endpoint. Because subscription is enforcement is handled in a separate service than GCS and an organization’s subscription manager may not be the administrator of the endpoint, this API has allows for both role-based authorization and subscription manager based authorization.
The authorization allows the following:
- Caller has a role but is not subscription manager
- Remove an existing subscription from an endpoint, even if the caller is not a manager for that subscription.
- Caller does not have a role but is a subscription manager
- Set the subscription_id to a subscription they manage on a currently-unmanaged endpoint or remove the subscription_id from the endpoint if it is one that they managed.
- Caller has a role and is a subscription manager
- Set the subscription_id to a subscription they manage on an endpoint even if it is currently managed by a subscription that the caller is not a manager of.
Request body
Endpoint subscription
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
subscription_id |
string |
Either the id of a Globus subscription or the special value "DEFAULT" if the caller has only one subscription associated with their identity set. |
Example
{
"DATA_TYPE": "endpoint_subscription#1.0.0",
"subscription_id": "string"
}
Responses
200 - Set endpoint owner response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
Details
Set endpoint owner string
PUT /api/endpoint/owner_string
Modify the endpoint’s advertised owner to match the username of one of the caller’s linked identities. The identity must have an administrator role on the endpoint.
Request body
Owner string document
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
identity_id |
string <uuid> |
Globus Auth Identity id |
Example
{
"DATA_TYPE": "owner_string#1.0.0",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1"
}
Responses
200 - Set endpoint owner string response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Reset advertised owner string
DELETE /api/endpoint/owner_string
Reset the endpoint’s advertised owner to the client_id of the endpoint.
Responses
200 - Reset advertised owner string response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
Set endpoint owner
PUT /api/endpoint/owner
Assign a new identity to act as the endpoint owner.
Request body
Schema for processing the endpoint_owner#1.0.0 data type
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
identity_id |
string <uuid> |
Auth identity ID of the endpoint owner |
Example
{
"DATA_TYPE": "endpoint_owner#1.0.0",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1"
}
Responses
200 - Set endpoint owner response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
Get endpoint definition
GET /api/endpoint
Get the endpoint.
Authorization
-
PublicAuthorizer
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
collection:administrator:*
-
collection:activity_manager:*
-
collection:activity_monitor:*
-
collection:access_manager:*
-
-
StorageGatewayAuthorizer
-
*
-
Responses
200 - Get endpoint response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "endpoint#1.0.0",
"allow_udt": true,
"contact_email": "string",
"contact_info": "string",
"department": "string",
"description": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"gcs_manager_url": "string",
"info_link": "string",
"keywords": [
"string"
],
"max_concurrency": 1,
"max_parallelism": 1,
"network_use": "normal",
"organization": "string",
"preferred_concurrency": 1,
"preferred_parallelism": 1,
"public": true,
"subscription_id": "string"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
Update an endpoint
PATCH /api/endpoint
Update the Endpoint document, changing only the properties included in the input. Items explicitly set to null in the input are removed from the endpoint document. This operation optionally returns the endpoint after applying the changes in the input if the include=endpoint query parameter is passed to this operation.
Query Parameters
Parameter | Type | Description |
---|---|---|
include |
array of string |
List of document types to include in the response |
Request body
A Globus Connect Server endpoint is a deployment of Globus Connect Server version 5. A single endpoint may optionally include multiple data transfer nodes. The endpoint provides a link between a Globus Connect Server deployment and the Globus Transfer service. The endpoint describes services for accessing data via GridFTP and HTTPS and also for configuring and managing the policies associated with that access.
Version 1.1.0 of the endpoint includes support for customizing the TCP port that the GridFTP listens on.
Version 1.2.0 of the endpoint includes read-only earliest_last_access to put a limit on collections which are missing a last_access value.
One of the following schemas:
Example
{
"DATA_TYPE": "endpoint#1.0.0",
"allow_udt": true,
"contact_email": "string",
"contact_info": "string",
"department": "string",
"description": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"gcs_manager_url": "string",
"info_link": "string",
"keywords": [
"string"
],
"max_concurrency": 1,
"max_parallelism": 1,
"network_use": "normal",
"organization": "string",
"preferred_concurrency": 1,
"preferred_parallelism": 1,
"public": true,
"subscription_id": "string"
}
Responses
200 - Update endpoint response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "endpoint#1.0.0",
"allow_udt": true,
"contact_email": "string",
"contact_info": "string",
"department": "string",
"description": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"gcs_manager_url": "string",
"info_link": "string",
"keywords": [
"string"
],
"max_concurrency": 1,
"max_parallelism": 1,
"network_use": "normal",
"organization": "string",
"preferred_concurrency": 1,
"preferred_parallelism": 1,
"public": true,
"subscription_id": "string"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Update an endpoint
PUT /api/endpoint
Update the endpoint document, replacing all properties with those in the input. This operation optionally returns the Endpoint after the update if the include=endpoint query parameter is passed to this operation.
Query Parameters
Parameter | Type | Description |
---|---|---|
include |
array of string |
List of document types to include in the response |
Request body
A Globus Connect Server endpoint is a deployment of Globus Connect Server version 5. A single endpoint may optionally include multiple data transfer nodes. The endpoint provides a link between a Globus Connect Server deployment and the Globus Transfer service. The endpoint describes services for accessing data via GridFTP and HTTPS and also for configuring and managing the policies associated with that access.
Version 1.1.0 of the endpoint includes support for customizing the TCP port that the GridFTP listens on.
Version 1.2.0 of the endpoint includes read-only earliest_last_access to put a limit on collections which are missing a last_access value.
One of the following schemas:
Example
{
"DATA_TYPE": "endpoint#1.0.0",
"allow_udt": true,
"contact_email": "string",
"contact_info": "string",
"department": "string",
"description": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"gcs_manager_url": "string",
"info_link": "string",
"keywords": [
"string"
],
"max_concurrency": 1,
"max_parallelism": 1,
"network_use": "normal",
"organization": "string",
"preferred_concurrency": 1,
"preferred_parallelism": 1,
"public": true,
"subscription_id": "string"
}
Responses
200 - Update endpoint response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "endpoint#1.0.0",
"allow_udt": true,
"contact_email": "string",
"contact_info": "string",
"department": "string",
"description": "string",
"display_name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"gcs_manager_url": "string",
"info_link": "string",
"keywords": [
"string"
],
"max_concurrency": 1,
"max_parallelism": 1,
"network_use": "normal",
"organization": "string",
"preferred_concurrency": 1,
"preferred_parallelism": 1,
"public": true,
"subscription_id": "string"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Roles
Roles
The client identity that created an Endpoint has full control over management aspects of the endpoint, including the properties, collections, the permission, and role assignments. Other roles enable other identities to act on various subsets of endpoint and collection management capabilities. See the endpoint roles and collection roles reference pages for information about the roles. All API endpoints below indicate which roles are required to perform the given operation.
Roles Overview
Method | API Path | Description |
---|---|---|
|
List roles |
|
|
Create a role |
|
|
Delete a role |
|
|
Get a role |
Details
List roles
GET /api/roles
Get the endpoint’s or a collection’s list of role associations.
If the collection_id
query parameter is passed to this operation, then
the roles related to that collection are returned. Otherwise, this
operation returns endpoint roles.
The include
parameter determines whether this operation returns all roles
relevant to the resource or only those that the caller has.
To obtain information about all roles, the caller must pass the "all_roles" value as the value of the "include" parameter. This requires the "administrator" role for the endpoint Or Collection the role is associated with.
Authorization
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
collection:administrator:{collection_id}
-
collection:administrator:{mapped_collection_id}
-
Query Parameters
Parameter | Type | Description |
---|---|---|
page_size |
integer <int> |
Maximum page size for a paginated response |
marker |
string |
Pagination marker for a paginated response |
collection_id |
string <uuid> |
ID of the collection |
include |
array of string |
Flag indicating whether to request all roles assignments for the endpoint or collection. |
Responses
200 - List roles response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "role#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"principal": "string",
"collection": "65986b24-c0b1-41fa-b21f-4a319273f511",
"role": "owner"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Create a role
POST /api/roles
Assign a role to an identity or group for the endpoint or a collection.
See endpoint roles and collection roles for description of the available roles.
To assign a role to a collection, include the collection’s ID in the collection property of the input document.
When creating an endpoint role, the caller must have then
endpoint:administrator
role assigned to one of their identities.
When creating a collection role for a mapped collection, the caller must
have either the endpoint:administrator
role or the
collection:administrator
role assigned for that collection.
When creating a collection role for a guest collection, the caller must have
a collection:administrator
role on the collection.
On success returns a copy of the created role with the system generated id added.
Request body
The "Role" document type represents the assignment of a role on an Endpoint or Collection to a Globus identity or group.
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
id |
string <uuid> |
Unique id string for this role assignment. This is system generated and should not be included in create requests. |
principal |
string |
Globus Auth identity or group id URN |
collection |
string <uuid> |
Collection Id. This value is omitted when creating an endpoint role or when creating role definitions when creating "collections. |
role |
string |
Role assigned to the principal |
Example
{
"DATA_TYPE": "role#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"principal": "string",
"collection": "65986b24-c0b1-41fa-b21f-4a319273f511",
"role": "owner"
}
Responses
200 - Create role response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "role#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"principal": "string",
"collection": "65986b24-c0b1-41fa-b21f-4a319273f511",
"role": "owner"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
400 - Bad Request
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"marker": "string",
"message": "string"
}
403 - Permission denied
One of the following schemas:
Name |
Type |
Description |
code |
string |
|
http_response_code |
any type |
|
detail |
string or MissingRequiredRole |
Name |
Type |
Description |
code |
string |
|
http_response_code |
any type |
|
detail |
string or SubscriptionRequired |
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
409 - Conflict
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
Delete a role
DELETE /api/roles/{role_id}
Delete one of the endpoint or collection roles on this endpoint.
To delete an endpoint role, the caller must have an endpoint:administrator
role.
To delete a mapped collection role, the caller must have one of
endpoint:administrator
or collection:administrator
role for the
collection.
To delete a guest collection role, the caller must have one of
endpoint:administrator
, collection:administrator
role for the
guest collection, or collection:administrator
for the mapped collection
the guest collection was created on.
The endpoint:owner
, or the collection:administrator
role for the creator
of a collection may not be deleted using this API.
Authorization
-
RoleAuthorizer:
-
endpoint:administrator
-
collection:administrator:{collection_id}
-
collection:administrator:{mapped_collection_id}
-
Responses
200 - Delete role response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
One of the following schemas:
Name |
Type |
Description |
code |
string |
|
http_response_code |
any type |
|
detail |
string or MissingRequiredRole |
Name |
Type |
Description |
code |
string |
|
http_response_code |
any type |
|
detail |
string or SubscriptionRequired |
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
409 - Conflict
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"marker": "string",
"message": "string"
}
Get a role
GET /api/roles/{role_id}
Get one of the role assignments on this endpoint.
Authorization
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
collection:administrator:{collection_id}
-
collection:administrator:{mapped_collection_id}
-
Responses
200 - Get role response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "role#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"principal": "string",
"collection": "65986b24-c0b1-41fa-b21f-4a319273f511",
"role": "owner"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Nodes
Nodes
Services for GCS endpoints may be deployed on multiple different physical resources. The Nodes API allows an administrator to manage those nodes.
Nodes Overview
Method | API Path | Description |
---|---|---|
|
List endpoint nodes |
|
|
Create a new node |
|
|
Get node |
|
|
Update a node |
|
|
Update a node |
|
|
Delete a node |
Details
List endpoint nodes
GET /api/nodes
Get the endpoint’s list of nodes.
This operation requires either the endpoint to have the public
property
set to true or the caller to have a role that allows viewing this endpoint
or a collection on it.
Authorization
-
PublicAuthorizer
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
collection:administrator:*
-
collection:activity_manager:*
-
collection:activity_monitor:*
-
collection:access_manager:*
-
-
StorageGatewayAuthorizer
-
*
-
Query Parameters
Parameter | Type | Description |
---|---|---|
page_size |
integer <int> |
Maximum page size for a paginated response |
marker |
string |
Pagination marker for a paginated response |
Responses
200 - List nodes response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "node#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"incoming_port_range": [
65535,
65535
],
"ip_addresses": [
"string"
],
"outgoing_port_range": [
65535,
65535
],
"status": "active"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
Create a new node
POST /api/nodes
Create a new node to describe a host which is providing service for this endpoint. This adds the node’s IP address to the DNS record for this endpoint’s GCS Manager and for all collections.
On success returns a copy of the created Node with the system generated id added.
Request body
Services for Globus Connect Server endpoints may be deployed on multiple different physical resources, referred to as data transfer nodes. Each node may have one or more IP addresses, TCP incoming and outgoing port ranges, and a status value indicating whether it is configured to actively respond to requests or is in maintenance mode.
Version 1.1.0 adds support for setting the data interface on a node.
Version 1.2.0 adds support for setting an IPv6 data interface on a node.
One of the following schemas:
Example
{
"DATA_TYPE": "node#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"incoming_port_range": [
65535,
65535
],
"ip_addresses": [
"string"
],
"outgoing_port_range": [
65535,
65535
],
"status": "active"
}
Responses
200 - Create node response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "node#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"incoming_port_range": [
65535,
65535
],
"ip_addresses": [
"string"
],
"outgoing_port_range": [
65535,
65535
],
"status": "active"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
One of the following schemas:
Name |
Type |
Description |
code |
string |
|
http_response_code |
any type |
|
detail |
string or MissingRequiredRole |
Name |
Type |
Description |
code |
string |
|
http_response_code |
any type |
|
detail |
string or LimitExceeded |
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
Get node
GET /api/nodes/{node_id}
Get information about one of the endpoint’s node.
This operation requires either the endpoint to have the public property set to true or the caller to have a role that allows viewing this Endpoint or a Collection on it.
Authorization
-
PublicAuthorizer
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
collection:administrator:*
-
collection:activity_manager:*
-
collection:activity_monitor:*
-
collection:access_manager:*
-
-
StorageGatewayAuthorizer
-
*
-
Responses
200 - Get node response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "node#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"incoming_port_range": [
65535,
65535
],
"ip_addresses": [
"string"
],
"outgoing_port_range": [
65535,
65535
],
"status": "active"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
Update a node
PUT /api/nodes/{node_id}
Update a node, replacing all properties with those in the input. This
operation optionally returns the node’s definition after the update if the
include=node
query parameter is passed to this operation.
Query Parameters
Parameter | Type | Description |
---|---|---|
include |
array of string |
Flag indicating whether to request all roles assignments for the endpoint or collection. |
Request body
Services for Globus Connect Server endpoints may be deployed on multiple different physical resources, referred to as data transfer nodes. Each node may have one or more IP addresses, TCP incoming and outgoing port ranges, and a status value indicating whether it is configured to actively respond to requests or is in maintenance mode.
Version 1.1.0 adds support for setting the data interface on a node.
Version 1.2.0 adds support for setting an IPv6 data interface on a node.
One of the following schemas:
Example
{
"DATA_TYPE": "node#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"incoming_port_range": [
65535,
65535
],
"ip_addresses": [
"string"
],
"outgoing_port_range": [
65535,
65535
],
"status": "active"
}
Responses
200 - Update node response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "node#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"incoming_port_range": [
65535,
65535
],
"ip_addresses": [
"string"
],
"outgoing_port_range": [
65535,
65535
],
"status": "active"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Update a node
PATCH /api/nodes/{node_id}
Update a node, changing only the properties included in the input document.
Items explicitly set to null in the input are removed from the Node
document. This operation optionally returns the node definition after
applying the changes in the input if the include=node
query parameter is
passed to this operation.
Query Parameters
Parameter | Type | Description |
---|---|---|
include |
array of string |
Flag indicating whether to request all roles assignments for the endpoint or collection. |
Request body
Services for Globus Connect Server endpoints may be deployed on multiple different physical resources, referred to as data transfer nodes. Each node may have one or more IP addresses, TCP incoming and outgoing port ranges, and a status value indicating whether it is configured to actively respond to requests or is in maintenance mode.
Version 1.1.0 adds support for setting the data interface on a node.
Version 1.2.0 adds support for setting an IPv6 data interface on a node.
One of the following schemas:
Example
{
"DATA_TYPE": "node#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"incoming_port_range": [
65535,
65535
],
"ip_addresses": [
"string"
],
"outgoing_port_range": [
65535,
65535
],
"status": "active"
}
Responses
200 - Update node response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "node#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"incoming_port_range": [
65535,
65535
],
"ip_addresses": [
"string"
],
"outgoing_port_range": [
65535,
65535
],
"status": "active"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Delete a node
DELETE /api/nodes/{node_id}
Delete the Node
document for the given node.
Responses
200 - Delete node response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Storage Gateways
Storage Gateways
The Storage Gateway API allows administrators to manage storage gateways.
Each Storage Gateway contains information about the connector it interfaces with as well as policies that determine who may manage or access collections on the Storage Gateway as well as how that Storage Gateway interacts with the connector.
Operations which modify a storage gateway, or inspect private policies
require an administrator
role.
Storage Gateways Overview
Method | API Path | Description |
---|---|---|
|
List storage gateways |
|
|
Create a storage gateway |
|
|
Get a storage gateway |
|
|
Delete a storage gateway |
|
|
Update a storage gateway |
|
|
Update a storage gateway |
Details
List storage gateways
GET /api/storage_gateways
List the storage gateways on an endpoint.
The include
query parameter controls what additional information is
included in the Result
document. This operation requires either the
endpoint to have the public
property set to true, the caller to have a
role that allows viewing this Endpoint, the user to have an identity which
is allowed by the individual Storage Gateway policies, or an identity which
has a permission for a collection created on this Storage Gateway.
Authorization
-
PublicAuthorizer
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
collection:administrator:*
-
collection:activity_manager:*
-
collection:activity_monitor:*
-
collection:access_manager:*
-
-
StorageGatewayAuthorizer
-
*
-
Query Parameters
Parameter | Type | Description |
---|---|---|
page_size |
integer <int> |
Maximum page size for a paginated response |
marker |
string |
Pagination marker for a paginated response |
include |
array of string |
Responses
200 - List storage gateways response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "storage_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"process_user": "string",
"require_high_assurance": true,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
Create a storage gateway
POST /api/storage_gateways
Create a storage gateway on an endpoint. On success, this operation returns a copy of the created storage gateway with the system generated id added.
Request body
A storage gateway provides the access policies for the endpoint’s connected storage systems. It is a named interface by which authorized users can create and manage collections on the connected storage system. A single storage system may be associated with multiple storage gateways, each with its own policies.
Storage gateway policies describe what type connector the storage gateway uses, the paths it allows access to, the login requirements are for the storage gateway, and the algorithm to map Globus identities to the user namespace of the storage gateway (e.g. local accounts).
Version 1.1.0 includes support for multi-factor authentication requirements for high assurance storage gateways.
Version 1.2.0 includes support for admin managed credentials.
Version 1.3.0 includes support for overriding the endpoint’s network use parameters on a storage gateway.
One of the following schemas:
Example
{
"DATA_TYPE": "storage_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"process_user": "string",
"require_high_assurance": true,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
Responses
201 - Post storage gateways response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "storage_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"process_user": "string",
"require_high_assurance": true,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
Get a storage gateway
GET /api/storage_gateways/{storage_gateway_id}
Get a storage gateway’s definition.
The include
query parameter controls what additional information is
included in the Result
document. This operation requires either the
endpoint to have the public
property set to true, the caller to have a
role that allows viewing this Endpoint, the user to have an identity which
is allowed by the individual storage gateway policies, or an identity which
has a permission for a collection created on this storage gateway.
Authorization
-
PublicAuthorizer
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
collection:administrator:*
-
collection:activity_manager:*
-
collection:activity_monitor:*
-
collection:access_manager:*
-
-
StorageGatewayAuthorizer
-
*
-
Responses
200 - Get storage gateways response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "storage_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"process_user": "string",
"require_high_assurance": true,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
Delete a storage gateway
DELETE /api/storage_gateways/{storage_gateway_id}
Delete a storage gateway.
Responses
200 - Get storage gateways response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Update a storage gateway
PATCH /api/storage_gateways/{storage_gateway_id}
Update a storage gateway, change only the properties included in the input document. It returns a document containing the storage gateway after the changes have been applied. Items explicitly set to null in the input are removed from the storage gateway.
Some properties are immutable, in general, the id
, connector_id
, and
high_assurance
properties cannot be changed, though storage
gateways may enforce additional restrictions.
This operation may return a Conflict error if any collections exist which would be not be consistent with the change in Storage Gateway policies.
Request body
A storage gateway provides the access policies for the endpoint’s connected storage systems. It is a named interface by which authorized users can create and manage collections on the connected storage system. A single storage system may be associated with multiple storage gateways, each with its own policies.
Storage gateway policies describe what type connector the storage gateway uses, the paths it allows access to, the login requirements are for the storage gateway, and the algorithm to map Globus identities to the user namespace of the storage gateway (e.g. local accounts).
Version 1.1.0 includes support for multi-factor authentication requirements for high assurance storage gateways.
Version 1.2.0 includes support for admin managed credentials.
Version 1.3.0 includes support for overriding the endpoint’s network use parameters on a storage gateway.
One of the following schemas:
Example
{
"DATA_TYPE": "storage_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"process_user": "string",
"require_high_assurance": true,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
Responses
200 - Update storage gateway response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "storage_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"process_user": "string",
"require_high_assurance": true,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Update a storage gateway
PUT /api/storage_gateways/{storage_gateway_id}
Update a storage gateway, completely replacing its definition with the new document. It returns a document containing the storage gateway after the update has been applied.
This operation may return a Conflict error if any collections exist which would be not be consistent with the change in Storage Gateway policies.
The high_assurance
property cannot be changed.
Request body
A storage gateway provides the access policies for the endpoint’s connected storage systems. It is a named interface by which authorized users can create and manage collections on the connected storage system. A single storage system may be associated with multiple storage gateways, each with its own policies.
Storage gateway policies describe what type connector the storage gateway uses, the paths it allows access to, the login requirements are for the storage gateway, and the algorithm to map Globus identities to the user namespace of the storage gateway (e.g. local accounts).
Version 1.1.0 includes support for multi-factor authentication requirements for high assurance storage gateways.
Version 1.2.0 includes support for admin managed credentials.
Version 1.3.0 includes support for overriding the endpoint’s network use parameters on a storage gateway.
One of the following schemas:
Example
{
"DATA_TYPE": "storage_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"process_user": "string",
"require_high_assurance": true,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
Responses
200 - Update storage gateway response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "storage_gateway#1.0.0",
"allowed_domains": [
"string"
],
"authentication_assurance_timeout": 1,
"authentication_timeout_mins": 1,
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"deleted": true,
"display_name": "string",
"high_assurance": true,
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_mappings": [
{
"DATA_TYPE": "external_identity_mapping#1.0.0",
"command": [
"string"
]
}
],
"load_dsi_module": "string",
"policies": {
"DATA_TYPE": "s3_storage_policies#1.0.0",
"s3_buckets": [
"string"
],
"s3_endpoint": "https://s3.amazonaws.com",
"s3_user_credential_required": true
},
"process_user": "string",
"require_high_assurance": true,
"restrict_paths": {},
"users_allow": [
"string"
],
"users_deny": [
"string"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Collections
Collections
The collection management API allows globus users to manage guest collections and administrators to manage mapped collections.
A mapped collection is a collection that maps the Globus Auth
identity of the user accessing the collection to a local
account in the Storage Gateway’s user space. Mapped collections
can only be created by those with an administrator
role on
the Endpoint.
A guest collection is a collection that uses the collection creator’s credentials to access the Storage Gateway data interface. Permissions may be added to a Guest Collection by using the Globus Transfer API.
Operations on Mapped Collections require an administrator
role.
Collections Overview
Method | API Path | Description |
---|---|---|
|
Delete multiple guest collections |
|
|
List the collections on this endpoint |
|
|
Create a collection |
|
|
Set advertised owner of collection |
|
|
Reset advertised owner of collection |
|
|
Set collection owner |
|
|
Get information about a collection |
|
|
Update a collection |
|
|
Update a collection |
|
|
Delete a collection |
Details
Delete multiple guest collections
POST /api/collections/batch_delete
Initiate the deletion of multiple guest collections. The input document contains a list of the IDs of collections to delete.
If any of the collections have collection_type of "mapped", then this operation returns an error indicating which ones were not valid or this operation.
If any of the collections do not exist or are already deleted, then they are silently ignored.
Deletion does not happen immediately; it is handled in the background by the GCS Manager Assistant process.
On success, this operation returns a message body containing the list of collections from the input that this GCS manager node will delete.
Request body
The Batch data type is used to specify multiple objects to operate on via a single REST API call.
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
ids |
array of string <uuid> |
List of object IDs to operate on |
Example
{
"DATA_TYPE": "batch#1.0.0",
"ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Responses
202 - Delete multiple collections response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "batch#1.0.0",
"ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
One of the following schemas:
Name |
Type |
Description |
code |
string |
|
http_response_code |
any type |
|
detail |
string or MissingRequiredRole |
Name |
Type |
Description |
code |
string |
|
http_response_code |
any type |
|
detail |
string or Batch |
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
List the collections on this endpoint
GET /api/collections
This operation requires either the endpoint to have the public
property
set to true or the caller to have a role that allows viewing this
Collection.
The result of this can be limited by using the filter
query parameter to
choose which of the visible collections to return. This is a
comma-separated list of filters to apply to the result set:
- mapped_collections
- Only collections with collection_type equal to mapped.
- guest_collections
- Only collections with collection_type equal to guest.
- managed_by_me
- Only collections where one of caller's identities (either directly or via a group role assignment) is granted a role on the collection.
- created_by_me
- Only collections where one of the caller's identities matches the `identity_id` property of the collection.
- last_access < YYYY-MM-DD
- last_access <= YYYY-MM-DD
- last_access <= YYYY-MM-DD
- last_access = YYYY-MM-DD
- last_access >= YYYY-MM-DD
- last_access < YYYY-MM-DD
- Only collections accessed before or after the given date
- created_at < YYYY-MM-DD
- created_at <= YYYY-MM-DD
- created_at <= YYYY-MM-DD
- created_at = YYYY-MM-DD
- created_at >= YYYY-MM-DD
- created_at < YYYY-MM-DD
- Only collections created before or after the given date
The result can also be limited by including the mapped_collection_id
query parameter. This limits the response to guest collections which have
been created using the specified mapped collection.
Normally, only public collection configuration policy data is included in
the response. If the query parameter include=private_policies
is passed
to this API, and the caller has an administrator role on this collection,
the response will include all private policies for the collection as well.
Authorization
-
PublicAuthorizer
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
collection:administrator:{collection_id}
-
collection:activity_manager:{collection_id}
-
collection:activity_monitor:{collection_id}
-
collection:access_manager:{collection_id}
-
collection:administrator:{mapped_collection_id}
-
collection:activity_manager:{mapped_collection_id}
-
-
StorageGatewayAuthorizer
-
{storage_gateway_id}
-
Query Parameters
Parameter | Type | Description |
---|---|---|
page_size |
integer <int> |
Maximum page size for a paginated response |
marker |
string |
Pagination marker for a paginated response |
include |
array of string |
Document values to include |
filter |
array of string |
Filter to apply to the return set |
storage_gateway_id |
string <uuid> |
Filter collections which were created using this storage_gateway_id |
mapped_collection_id |
string <uuid> |
Filter collections which were created using this mapped_collection_id |
Responses
200 - List collections response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "collection#1.0.0",
"allow_guest_collections": true,
"authentication_timeout_mins": 0,
"collection_base_path": "string",
"collection_type": "mapped",
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"contact_email": "string",
"contact_info": "string",
"default_directory": "string",
"deleted": true,
"department": "string",
"description": "string",
"disable_verify": true,
"display_name": "string",
"domain_name": "string",
"force_encryption": true,
"high_assurance": true,
"https_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1",
"info_link": "string",
"keywords": [
"string"
],
"manager_url": "string",
"mapped_collection_id": "b9348e97-77e7-49f6-a137-47587469ff1d",
"organization": "string",
"policies": {
"DATA_TYPE": "s3_collection_policies#1.0.0"
},
"public": true,
"root_path": "string",
"sharing_restrict_paths": {},
"storage_gateway_id": "62c250f4-af41-4074-89a9-b6aff8c56fcb",
"tlsftp_url": "string",
"user_credential_id": "321d94b1-e78a-4532-9d25-ac03c49fdaf3"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"marker": "string",
"message": "string"
}
Create a collection
POST /api/collections
This is used to create either a mapped or a guest collection. When created, a "collection:administrator" role for that collection will be created using the caller’s identity.
The collection is assigned a unique DNS name. For guest collections, this DNS name begins with "g-". By default, for mapped collections this name begins with "m-", but a user with an "endpoint:administrator" role may assign a custom domain name for a mapped collection.
In order to create a guest collection, the caller must have an identity that matches the Storage Gateway policies.
In order to create a mapped collection, the caller must have an "endpoint:administrator" or "endpoint:owner" role.
Authorization
-
RoleAuthorizer:
-
endpoint:administrator
-
endpoint:owner
-
-
StorageGatewayAuthorizer
-
{storage_gateway_id}
-
Request body
A collection consists of metadata about the collection, a DNS domain for accessing data on the collection, and configuration on the Data Transfer Nodes to access the collection data. Globus Connect Server version 5 supports two types of collections: mapped and guest.
Version 1.1.0 adds support for enabling or disabling https access for individual collections, as well as the ability for collection administrators to add an optional message and web link to be shown on the Globus Web App when users visit the collection.
Version 1.2.0 adds the ability to enable or disable sharing by specific users.
Version 1.3.0 add support for custom DNS domains on collections.
Version 1.4.0 allows optional multi-factor authentication requirements to high assurance collections and the ability to require checksums when transferring data on this collection.
Version 1.5.0 allows administrators to disable permissions that would allow anonymous users to have write access to an endpoint.
Version 1.6.0 allows administrators of mapped collections to associate policies that users accessing guest collections must meet beyond the guest collection permissions.
Version 1.7.0 increases the maximum allowed length of the user_message property.
Version 1.8.0 adds the delete_protected property. While it is set to true on a mapped collection, the collection may not be deleted. As of GCS 5.4.69, this is true by default.
Version 1.9.0 adds the read-only last_access and created_at properties.
Version 1.10.0 adds the acl_expiration_mins property to HA mapped collections.
Version 1.11.0 adds the acl_expiration_mins property to HA guest collection.
Version 1.12.0 adds the restrict_transfers_to_high_assurance property to HA collections.
One of the following schemas:
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA mapped collections and used by the guest collections attached to it. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA guest collections and HA mapped collections and used by guest collections attached to it. When set on both the mapped and guest collections, the lessor value is in effect. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA guest collections and HA mapped collections and used by guest collections attached to it. When set on both the mapped and guest collections, the lessor value is in effect. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
restrict_transfers_to_high_assurance |
string |
Flag indicating whether all data transfers to and from this collection require the remote collection be HA. This can only be assigned on high assurance mapped collections. High assurance guest collections inherit the restriction from their associated mapped collectans. This may be set to null to disable this feature. If a restriction is in place for a collection, then HTTPS access to it is disabled. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Example
{
"DATA_TYPE": "collection#1.0.0",
"allow_guest_collections": true,
"authentication_timeout_mins": 0,
"collection_base_path": "string",
"collection_type": "mapped",
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"contact_email": "string",
"contact_info": "string",
"default_directory": "string",
"deleted": true,
"department": "string",
"description": "string",
"disable_verify": true,
"display_name": "string",
"domain_name": "string",
"force_encryption": true,
"high_assurance": true,
"https_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1",
"info_link": "string",
"keywords": [
"string"
],
"manager_url": "string",
"mapped_collection_id": "b9348e97-77e7-49f6-a137-47587469ff1d",
"organization": "string",
"policies": {
"DATA_TYPE": "s3_collection_policies#1.0.0"
},
"public": true,
"root_path": "string",
"sharing_restrict_paths": {},
"storage_gateway_id": "62c250f4-af41-4074-89a9-b6aff8c56fcb",
"tlsftp_url": "string",
"user_credential_id": "321d94b1-e78a-4532-9d25-ac03c49fdaf3"
}
Responses
201 - Create collections response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "collection#1.0.0",
"allow_guest_collections": true,
"authentication_timeout_mins": 0,
"collection_base_path": "string",
"collection_type": "mapped",
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"contact_email": "string",
"contact_info": "string",
"default_directory": "string",
"deleted": true,
"department": "string",
"description": "string",
"disable_verify": true,
"display_name": "string",
"domain_name": "string",
"force_encryption": true,
"high_assurance": true,
"https_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1",
"info_link": "string",
"keywords": [
"string"
],
"manager_url": "string",
"mapped_collection_id": "b9348e97-77e7-49f6-a137-47587469ff1d",
"organization": "string",
"policies": {
"DATA_TYPE": "s3_collection_policies#1.0.0"
},
"public": true,
"root_path": "string",
"sharing_restrict_paths": {},
"storage_gateway_id": "62c250f4-af41-4074-89a9-b6aff8c56fcb",
"tlsftp_url": "string",
"user_credential_id": "321d94b1-e78a-4532-9d25-ac03c49fdaf3"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
409 - Conflict
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
Set advertised owner of collection
PUT /api/collections/{collection_id}/owner_string
Update the advertised owner string of the collection
Modify the collection’s advertised owner to match the username of one of the caller’s linked identities. The identity must have an administrator role on the collection.
Request body
Owner string document
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
identity_id |
string <uuid> |
Globus Auth Identity id |
Example
{
"DATA_TYPE": "owner_string#1.0.0",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1"
}
Responses
200 - Set collection owner string response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Reset advertised owner of collection
DELETE /api/collections/{collection_id}/owner_string
Reset the advertised owner string of the collection to the endpoint’s client_id.
Authorization
-
RoleAuthorizer:
-
collection:administrator:{collection_id}
-
endpoint:administrator
-
endpoint:owner
-
Responses
200 - Delete collection owner string response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
Set collection owner
PUT /api/collections/{collection_id}/owner
Assign a new identity to act as the mapped collection owner. Caller must have an endpoint admin or owner role.
-
This is only allowed for mapped collections
-
Owner ID can not be the endpoint client ID
Request body
Schema for processing the collection_owner#1.0.0 data type
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
identity_id |
string <uuid> |
Auth identity ID of the collection owner |
Example
{
"DATA_TYPE": "collection_owner#1.0.0",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1"
}
Responses
200 - Set collection owner response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Details
Get information about a collection
GET /api/collections/{collection_id}
This operation requires either the endpoint to have the public
property
set to true
or the caller to have a role that allows viewing this
Endpoint. Some property visibility is limited for users who do not have an
administrator
role.
Normally, only public collection configuration policy data is included in
the response. If the query parameter include=private_policies
is passed
to this API, and the caller has an administrator role on this collection,
the response will include all private policies for the collection as well.
Authorization
-
PublicAuthorizer
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
endpoint:activity_manager
-
endpoint:activity_monitor
-
collection:administrator:{collection_id}
-
collection:activity_manager:{collection_id}
-
collection:activity_monitor:{collection_id}
-
collection:access_manager:{collection_id}
-
collection:administrator:{mapped_collection_id}
-
collection:activity_manager:{mapped_collection_id}
-
-
StorageGatewayAuthorizer
-
{storage_gateway_id}
-
Query Parameters
Parameter | Type | Description |
---|---|---|
include |
array of string |
Document values to include |
Responses
200 - List collections response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"data": [
{
"DATA_TYPE": "collection#1.0.0",
"allow_guest_collections": true,
"authentication_timeout_mins": 0,
"collection_base_path": "string",
"collection_type": "mapped",
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"contact_email": "string",
"contact_info": "string",
"default_directory": "string",
"deleted": true,
"department": "string",
"description": "string",
"disable_verify": true,
"display_name": "string",
"domain_name": "string",
"force_encryption": true,
"high_assurance": true,
"https_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1",
"info_link": "string",
"keywords": [
"string"
],
"manager_url": "string",
"mapped_collection_id": "b9348e97-77e7-49f6-a137-47587469ff1d",
"organization": "string",
"policies": {
"DATA_TYPE": "s3_collection_policies#1.0.0"
},
"public": true,
"root_path": "string",
"sharing_restrict_paths": {},
"storage_gateway_id": "62c250f4-af41-4074-89a9-b6aff8c56fcb",
"tlsftp_url": "string",
"user_credential_id": "321d94b1-e78a-4532-9d25-ac03c49fdaf3"
}
],
"DATA_TYPE": "result#1.0.0",
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
Update a collection
PATCH /api/collections/{collection_id}
Updates a collection, changing only the properties included in the input document. It optionally returns a document containing the document after the change is applied. Items explicitly set to null in the input are removed from the collection document.
Authorization
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
collection:administrator:{collection_id}
-
collection:administrator:{mapped_collection_id}
-
Request body
A collection consists of metadata about the collection, a DNS domain for accessing data on the collection, and configuration on the Data Transfer Nodes to access the collection data. Globus Connect Server version 5 supports two types of collections: mapped and guest.
Version 1.1.0 adds support for enabling or disabling https access for individual collections, as well as the ability for collection administrators to add an optional message and web link to be shown on the Globus Web App when users visit the collection.
Version 1.2.0 adds the ability to enable or disable sharing by specific users.
Version 1.3.0 add support for custom DNS domains on collections.
Version 1.4.0 allows optional multi-factor authentication requirements to high assurance collections and the ability to require checksums when transferring data on this collection.
Version 1.5.0 allows administrators to disable permissions that would allow anonymous users to have write access to an endpoint.
Version 1.6.0 allows administrators of mapped collections to associate policies that users accessing guest collections must meet beyond the guest collection permissions.
Version 1.7.0 increases the maximum allowed length of the user_message property.
Version 1.8.0 adds the delete_protected property. While it is set to true on a mapped collection, the collection may not be deleted. As of GCS 5.4.69, this is true by default.
Version 1.9.0 adds the read-only last_access and created_at properties.
Version 1.10.0 adds the acl_expiration_mins property to HA mapped collections.
Version 1.11.0 adds the acl_expiration_mins property to HA guest collection.
Version 1.12.0 adds the restrict_transfers_to_high_assurance property to HA collections.
One of the following schemas:
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA mapped collections and used by the guest collections attached to it. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA guest collections and HA mapped collections and used by guest collections attached to it. When set on both the mapped and guest collections, the lessor value is in effect. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA guest collections and HA mapped collections and used by guest collections attached to it. When set on both the mapped and guest collections, the lessor value is in effect. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
restrict_transfers_to_high_assurance |
string |
Flag indicating whether all data transfers to and from this collection require the remote collection be HA. This can only be assigned on high assurance mapped collections. High assurance guest collections inherit the restriction from their associated mapped collectans. This may be set to null to disable this feature. If a restriction is in place for a collection, then HTTPS access to it is disabled. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Example
{
"DATA_TYPE": "collection#1.0.0",
"allow_guest_collections": true,
"authentication_timeout_mins": 0,
"collection_base_path": "string",
"collection_type": "mapped",
"connector_id": "9389ba6f-3696-4571-84d4-34d588c4b109",
"contact_email": "string",
"contact_info": "string",
"default_directory": "string",
"deleted": true,
"department": "string",
"description": "string",
"disable_verify": true,
"display_name": "string",
"domain_name": "string",
"force_encryption": true,
"high_assurance": true,
"https_url": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"identity_id": "011a42b9-62d7-49eb-8328-c2e454af88a1",
"info_link": "string",
"keywords": [
"string"
],
"manager_url": "string",
"mapped_collection_id": "b9348e97-77e7-49f6-a137-47587469ff1d",
"organization": "string",
"policies": {
"DATA_TYPE": "s3_collection_policies#1.0.0"
},
"public": true,
"root_path": "string",
"sharing_restrict_paths": {},
"storage_gateway_id": "62c250f4-af41-4074-89a9-b6aff8c56fcb",
"tlsftp_url": "string",
"user_credential_id": "321d94b1-e78a-4532-9d25-ac03c49fdaf3"
}
Responses
200 - Update collections response
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"DATA_TYPE": "result#1.0.0",
"code": "string",
"data": [
{}
],
"detail": null,
"has_next_page": false,
"http_response_code": 100,
"marker": "string",
"message": "string"
}
403 - Permission denied
This is the result envelope returned from all operations in this API. Each operation may add properties to this base document type with additional operation-specific data values.
Version 1.1.0 adds optional authorization_parameters to help process authorization or authentication errors
One of the following schemas:
{
"code": "string",
"http_response_code": 100,
"detail": null,
"DATA_TYPE": "result#1.0.0",
"data": [
{}
],
"has_next_page": false,
"marker": "string",
"message": "string"
}
Update a collection
PUT /api/collections/{collection_id}
Update a collection, completely replacing its definition with the new document. It returns a document containing the collection after the update has been applied.
Authorization
-
RoleAuthorizer:
-
endpoint:owner
-
endpoint:administrator
-
collection:administrator:{collection_id}
-
collection:administrator:{mapped_collection_id}
-
Request body
A collection consists of metadata about the collection, a DNS domain for accessing data on the collection, and configuration on the Data Transfer Nodes to access the collection data. Globus Connect Server version 5 supports two types of collections: mapped and guest.
Version 1.1.0 adds support for enabling or disabling https access for individual collections, as well as the ability for collection administrators to add an optional message and web link to be shown on the Globus Web App when users visit the collection.
Version 1.2.0 adds the ability to enable or disable sharing by specific users.
Version 1.3.0 add support for custom DNS domains on collections.
Version 1.4.0 allows optional multi-factor authentication requirements to high assurance collections and the ability to require checksums when transferring data on this collection.
Version 1.5.0 allows administrators to disable permissions that would allow anonymous users to have write access to an endpoint.
Version 1.6.0 allows administrators of mapped collections to associate policies that users accessing guest collections must meet beyond the guest collection permissions.
Version 1.7.0 increases the maximum allowed length of the user_message property.
Version 1.8.0 adds the delete_protected property. While it is set to true on a mapped collection, the collection may not be deleted. As of GCS 5.4.69, this is true by default.
Version 1.9.0 adds the read-only last_access and created_at properties.
Version 1.10.0 adds the acl_expiration_mins property to HA mapped collections.
Version 1.11.0 adds the acl_expiration_mins property to HA guest collection.
Version 1.12.0 adds the restrict_transfers_to_high_assurance property to HA collections.
One of the following schemas:
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 64 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA mapped collections and used by the guest collections attached to it. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA guest collections and HA mapped collections and used by guest collections attached to it. When set on both the mapped and guest collections, the lessor value is in effect. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |
Organization that runs the server(s) represented by the endpoint. Optional to preserve backward compatibility, but will eventually be required and all clients are encouraged to require users to specify it. Unicode string, max 1024 characters, no new lines. |
policies |
S3CollectionPolicies_1_0_0 or AzureBlobCollectionPolicies_1_0_0 or BlackPearlCollectionPolicies_1_0_0 or BoxCollectionPolicies_1_0_0 or CephCollectionPolicies_1_0_0 or DropboxCollectionPolicies_1_0_0 or GoogleCloudStorageCollectionPolicies_1_0_0 or GoogleDriveCollectionPolicies_1_0_0 or HPSSCollectionPolicies_1_0_0 or IrodsCollectionPolicies_1_0_0 or OneDriveCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_0_0 or PosixCollectionPolicies_1_1_0 or PosixStagingCollectionPolicies_1_0_0 |
Connector-specific collection policies |
public |
boolean |
Flag indicating whether this collection is visible to other Globus users. |
require_mfa |
boolean |
Flag indicating if the storage_gateway requires multi-factor authentication. Only applies to high assurance storage gateways. |
root_path |
string |
Absolute root path of the collection. All data access is done relative to this path. On a guest collection, this value is only visible if the caller has an administrator role on both the guest collection and the mapped collection it is created on. [Private] |
sharing_restrict_paths |
null or PathRestrictions |
Restrictions on which paths may be shared in guest collections related to this mapped collection. On the mapped collection, these paths are relative to the root_path property of the mapped collection. On a guest collection, they are absolute paths from the storage root. [Private] |
sharing_users_allow |
array of string |
List of connector-specific usernames allowed to create new guest collections on this mapped collection. [Private] |
sharing_users_deny |
array of string |
List of connector-specific usernames denied access to create new guest collections on this mapped collection. [Private] |
storage_gateway_id |
string <uuid> |
Unique ID of the Storage Gateway which this collection provides access to. This value can not change after the collection is created. |
tlsftp_url |
string |
TLSFTP URL for the data on this collection. |
user_credential_id |
string <uuid> |
The ID of the User Credential which is used to access data on this collection. This credential must be owned by the collection’s identity_id. |
user_message |
string |
A message for clients to display to users when interacting with this collection. For guest collections, this property is read-only and is the same as the value of its related mapped collection. The message may be up to 256 characters long. |
user_message_link |
string |
Link to additional messaging for clients to display to users when interacting with this endpoint, linked to an HTTP or HTTPS URL. For guest collections, this property is read-only and is the same as the value of its related mapped collection. |
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
acl_expiration_mins |
integer |
Length of time that guest collection permissions are valid. Only settable on HA guest collections and HA mapped collections and used by guest collections attached to it. When set on both the mapped and guest collections, the lessor value is in effect. Set to null to delete any previously set value. |
allow_guest_collections |
boolean |
Flag indicating if this Collection allows users to create guest collections on it. This is always false if this is a guest collection. If this is changed to false on a mapped collection with associated guest collections, those collections will no longer be accessible. |
authentication_timeout_mins |
integer |
Timeout (in minutes) during which a user is required to have authenticated in a session to access this storage gateway. |
collection_base_path |
string |
Path to be interpreted as the base path when creating a new
collection. It is interpreted differently depending on the
collection type being created. For a mapped collection, this is an
absolute path on the storage system named by the
storage_gateway_id. For a guest collection, this is a relative
path relative to the value of the Support for |
collection_type |
string |
Type of collection. A |
connector_id |
string <uuid> |
Id of the connector type that is used by this collection. |
contact_email |
string |
Email address of the support contact for this collection. This is visible to end users so that they may contact your organization for support. |
contact_info |
string |
Other non-email contact information for the collection, e.g. phone and mailing address. This is visible to end users for support. |
created_at |
string <date> |
Date on which this collection was created |
default_directory |
string |
Default directory when accessing the collection. This may include
the special string If the collection is mapped collection with a
collection_base_path value of |
delete_protected |
boolean |
If set to true, this collection can not be deleted. This property is available only on mapped collections. As of GCS 5.4.69, this is true by default. |
deleted |
boolean |
Flag indicating that this collection has been deleted[Private] |
department |
string |
Department within organization that runs the server(s). Searchable. Optional. Unicode string, max 1024 characters, no new lines. |
description |
string |
A description of the collection. |
disable_anonymous_writes |
boolean |
Flag indicating if guest collections on this mapped collection allow anonymous write permissions or not. This flag is always true for high assurance collections. For non-high assurance mapped collections, the default value is false. |
disable_verify |
boolean |
Flag indicating that this endpoint does not support computing checksums, needed for the verify_checksum option of transfer. |
display_name |
string |
Friendly name for the collection. Unicode string, max 128
characters, no new lines ( |
domain |
Custom domain description |
|
domain_name |
string |
DNS name of the virtual host serving this collection. For mapped
collections which do not have a custom domain, this may be specified as
part of the input document to create the collection, otherwise this is
a read-only property. When included in the input, the name is
restricted to be a subdomain of the endpoint, and the input name label
may not start with |
enable_https |
boolean |
Boolean flag indicating whether this collection should support HTTPS. This value can be set on mapped collections or guest collections. However, it may not be set to True on a guest collection if the value on the related mapped collection is False. |
force_encryption |
boolean |
Flag indicating whether all data transfers to and from this collection are always encrypted. New in v5.4.17: If a mapped collection forces encryption, all of its guest collections must as well. If this option is used on a mapped collection, the value is propagated to its guest collections. |
force_verify |
boolean |
Flag indicating that this endpoint requires computing checksums, needed for the verify_checksum option of transfer. |
guest_auth_policy_id |
string <uuid> |
Authentication policy set on mapped collections and inherited by its guest collections. During authorization, the authentication policy must be satisfied before permissions are considered. Read-only on guest collections. (Added in API 1.15.0) |
high_assurance |
boolean |
Flag indicating if this collection is created on a high assurance Storage Gateway. |
https_url |
string |
HTTPS URL for the data on this collection. |
id |
string <uuid> |
Unique identifier for this collection. This is assigned by the GCS manager when creating a collection. |
identity_id |
string <uuid> |
Globus Auth identity to who acts as the owner of this collection.
This identity is an |
info_link |
string |
Link to a web page with more information about the collection |
keywords |
array of string |
List of search keywords for the endpoint. Optional. Unicode string, max 1024 characters total across all strings. |
last_access |
string <date> |
Date on which this collection was last accessed |
manager_url |
string |
URL of the GCS Manager API service for the endpoint hosting this collection. |
mapped_collection_id |
string <uuid> |
Unique ID of the Mapped Collection which this guest collection is
associated with. This is set on creation and may not be changed.
For a Guest Collection, this must be set, and policies related
sharing ( |
organization |
string |