Identity and Access

Specification

The TRE must implement identity and access management services to manage user access to resources based on trusted identities. These services may be deployed on-cluster, or apps may connect to off-cluster identity services, for authentication and authorisation, with MFA enforced.

Last updated: 2025-11-25
Source: N/A

Implementation Compliance

K8TRE Reference Implementation

TREu

TREu requires users to log into the TRE Portal using their standard UCL identity. External collaborators invited to join projects are provisioned with a guest UCL user identity during the TRE onboarding process and log in using this identity.

FRIDGE

SATRE components realised by this statement

Component 1.5.3
SATRE requires TRE operators to have a set of services to manage access to resources based on identity. K8TRE-compliant components or entire TREs must therefore provide access to resources based on identity.

FAQ

• Question

Answer