Logging into XNAT
Logging into XNAT
AAF is the recommended way to sign up and login to XNAT.
If your organisation is not in the AAF list during the sign-up process, please contact the respective XNAT support for further options
If your organisation is part of the Australian Access Federation (AAF), you can use your AAF credentials to sign up. See here
For more details on the Australian Access Federation, see https://aaf.edu.au
To use this login, you would have received an email from a UQ XNAT administrator with the login information.
Note
If you have not received an email, either use AAF or contact the respective XNAT support.
RCC Authenticate credentials are NOT your UQ or institutional username and password
1 - AAF login
Login using Australian Access Federation (AAF)
AAF is the recommended way to sign up and login to XNAT.
If your organisation is not in the AAF list during the sign-up process, please contact the respective XNAT support for further options
If your organisation is part of the Australian Access Federation (AAF), you can use your AAF credentials to sign up. Follow the steps below to sign-up/login using AAF.
- Open https://xnat.rcc.uq.edu.au
- Login in with the AAF Single sign-on button (shown below)
This will take you to your XNAT home page.
First time users
First time users will only see publically accessible project when they login2 - Alias tokens
Alias tokens
AAF is used for logging into the XNAT website itself.
But there are a lot of tools and services that will require a connect to the XNAT server externally
These could include
- Windows or Mac desktop clients, like XNAT Desktop
- Command line tools such as xnatpy, pyxnat, xnatutils etc
- XSYNC
All of these tools and services need a way to authenticating to your XNAT account without AAF.
An alias token is a time-limited, long, randomised username and password used for authenticating from external services, without compromising your AAF account or credentials. They can be generated and revoked easily
We’ll look at how to generate them next
Generating Alias tokens
To access the alias token
Click your name on the top right of the website.
This will take you to your user profile management page
Then click the “Manage Alias Tokens” option
There, you’ll find the option to “Create an Alias Token”
When you create the alias token, it will appear as a new entry
Alias tokens expire 60 days after creation
There will be an expiration date column.
You can have multiple alias tokens. And they can be deleted and created as needed to revoke permissions.
Each one will be randomised and unique.
Lets have a look at the alias token details which you can access by clicking on the token.
The key attributes that we need are the alias and the secret
The alias is your username
And secret is your password
So you can use the alias and secret for any external clients requesting a username and password.
Just note, the alias and secret are effectively a temporary set of login credentials.
Do not reveal the secret. It is effectively your temporary password.
If you no longer require the alias token, or suspect a secret has been compromised, just delete the alias token.