What Are External Apps?
External Apps are pre-existing web applications that are registered on Edge and have an application tile on the workbench, but are hosted elsewhere. Clicking on the application tile in Edge redirects users to the app's original URL. If a user enters the URL for the app directly in their browser or clicks on the application tile the app will perform authentication with Edge, redirecting them to Edge's login screen if necessary.
Benefits of External Apps
Why register existing web apps hosted elsewhere with Edge? Registering external apps allows you to better centralize and track your R&D workflows, resulting in the following benefits:
- Registering external apps provides a single location to access all data, notebooks, and applications on a project. This makes onboarding new team members significantly easier, and team members spend less time hunting down data, documents, and URLs.
- Edge provides functionality to track usage for native apps as well as the external apps that run in the Edge Kubernetes namespace. By keeping you on top of your cloud footprint on a single dashboard, you can manage available computational resources and avoid overdrawing from a limited budget.
- Registering external apps makes it easier to comply with organizational, institutional, or governmental data policies and prevent loss of data or intellectual property through the use of unsecured data channels or applications.
Integrating an External App
External Applications can integrate with Edge if they support the OAuth2 Authorization Code Flow. The process for integrating an External Application is as follows:
- Create an
Applicationrecord in Edge
- Create an
AppVersionrecord in Edge
- Register the Application with a redirect URI
- Provide the
client_secretto the External App for the Authorization Code Flow
You can see an example for this in our Examples Github repository. Please see External App Example for more details.
Registering the App
Registering an External App is very similar to
Publishing an Application.
You will require organization developer access and an API token, as well as an
EdgeSession created from the
enthought_edge EDM package. There are some
notable differences when creating an
kindparameter must be
linkparameter must be the URL of the External App App's deployed location
This is an example of code for creating an
AppVersion that differs
from Adding an Application Version:
version1 = AppVersion(
title="Edge External App Demo, v1.0.0",
description="Demonstration of an external application",
Registering an OAuth2 Client
When an External App requires a user to login, it can perform an OAuth
redirection to Edge's login screen. After the user logs in, they are
redirected back to the External App. For the OAuth code and token
exchange to occur, the External App requires a
client_secret value. These values are provided by Edge when an Organization
Developer registers a
redirect_url for the app. You can perform this task
result = edge.applications.register_oauth_client(
The result of this operation will be a dictionary with the
As shown in our External App example, the authorize endpoint processes the result of the OAuth2 redirection.
An application may only have exactly one OAuth client. Registering
an OAuth client always invalidates the previous
redirect_uri is the same. This means that the deployed
External App will have to be reconfigured with the new
client_secret. The previous
client_secret is unrecoverable.
External App Requirements
External Apps use the
with a few other values to integrate with Edge's authentication. The
External App example
is a Flask application that demonstrates how to implement the OAuth2
Authorization Code Flow. To see details of how to configure the External
Application to use these values, view the example's
Edge provides authentication for external applications and guarantees that the ID of a user is genuine. It is up to an External App to determine the authorization for that user to access the External App's resources. For more information, see the README.md file in the External App example.
There are many ways to deploy an External App. Our example is deployed to
https://edge-external-demo.edge-dev.enthought.com using Terraform. If you
wish to use the application code and deployment configuration as a template,
you will require a Kubernetes namespace for deployment. To configure your
deployment, follow the instructions in the Edge External App example's
You can contact email@example.com if you need our assistance with deploying an external app.