#20 DOI for private repository

Open
opened 4 years ago by jcolomb · 4 comments

hello,

I wanted to get a doi for private repository, in order to be FAIR without being open. It is not possible at the moment, will it be in the future?

I think it is quite primordial on the long term, as I would like to be able to prepare everything before publication and push the make the data open only afterwards.

hello, I wanted to get a doi for private repository, in order to be FAIR without being open. It is not possible at the moment, will it be in the future? I think it is quite primordial on the long term, as I would like to be able to prepare everything before publication and push the make the data open only afterwards.
Achilleas Koutsou commented 4 years ago
Owner

You can't request a DOI registration on a private repository, but you can prepare everything before making it public. That means uploading data and organising it and adding the datacite.yml file with all the metadata and information about the repository. You can even delete the history if you want by squashing git commits or making a secondary repository with just the final state and publishing that.

In the end, to be able to make the publication request, it should be public though. We also support the option of having a publicly accessible repository that doesn't appear in repository listings on the website, so only people who know the URL can reach it. To do this, there's a checkbox in the repository settings named "Listed" (unchecking it makes the repository unlisted).

I suppose there is a use case where you might want to obtain the DOI (the actual identifier) before it's registered publicly, so you can refer to the dataset while preparing a publication? This is something we have considered at times, but don't support yet automatically. However, it's possible for us to tell you the DOI that the repository would have upon registration if you would like to contact us about it (email us at gin@g-node.org). We might add automatic support for this in the future.

Does this cover your question or where you thinking about another use case? Let me know if you have any further questions.

You can't request a DOI registration on a private repository, but you can prepare everything before making it public. That means uploading data and organising it and adding the `datacite.yml` file with all the metadata and information about the repository. You can even delete the history if you want by squashing git commits or making a secondary repository with just the final state and publishing that. In the end, to be able to make the publication request, it should be public though. We also support the option of having a publicly accessible repository that doesn't appear in repository listings on the website, so only people who know the URL can reach it. To do this, there's a checkbox in the repository settings named "Listed" (unchecking it makes the repository *unlisted*). I suppose there is a use case where you might want to obtain the DOI (the actual identifier) before it's registered publicly, so you can refer to the dataset while preparing a publication? This is something we have considered at times, but don't support yet automatically. However, it's possible for us to tell you the DOI that the repository would have upon registration if you would like to contact us about it (email us at gin@g-node.org). We might add automatic support for this in the future. Does this cover your question or where you thinking about another use case? Let me know if you have any further questions.
julien colomb commented 4 years ago
Poster

A "reserve doi" function is good, but I think the future needs to be better. To go with the FAIR initiative, the data should be accessible even if closed, i.e.:

  • have a doi
  • be accessible via this doi, after an authentication and authorization procedure

That is a bit of the holy grail, but what I would really have is to get the possibility to access the data directly from my software, read it directly in my software and analyse it, even if the data is accessible only by me (via an authentification process).

I am not sure there is any repository which works with such a protocol yet? PS: thanks for the quick reply!

A "reserve doi" function is good, but I think the future needs to be better. To go with the FAIR initiative, the data should be accessible even if closed, i.e.: - have a doi - be accessible via this doi, after an authentication and authorization procedure That is a bit of the holy grail, but what I would really have is to get the possibility to access the data directly from my software, read it directly in my software and analyse it, even if the data is accessible only by me (via an authentification process). I am not sure there is any repository which works with such a protocol yet? PS: thanks for the quick reply!
Achilleas Koutsou commented 4 years ago
Owner

I see. Yes, I understand and this is a valid use case that we don't support explicitly. However, we could arrange a solution that fits this requirement in a manual way if you want. Perhaps we could add automatic support for this in the future as well.

For now, you can continue to prepare your repository and keep it private. You can contact us directly (via email) shortly before you want to finalise it so we can go through the details about how this would work.

Thanks!

I see. Yes, I understand and this is a valid use case that we don't support explicitly. However, we could arrange a solution that fits this requirement in a manual way if you want. Perhaps we could add automatic support for this in the future as well. For now, you can continue to prepare your repository and keep it private. You can contact us directly (via email) shortly before you want to finalise it so we can go through the details about how this would work. Thanks!

I agree with the potential usefulness of @jcolomb's requested feature. Apart from reserving a DOI (which would be great to have), a DOI for private repositories is important for data that is only shared with a Data Use Agreement (DUA).

I think it'd be even better to go a step further and allow for user specific authentication, instead of a single password to access the data.

For example:

  • I upload my data to a private repository, get a DOI, publish a paper where I link to the data using the DOI.
  • In the paper I also link to a Data Use Agreement (with another DOI), which is publicly accessible.
  • People who want access to the data fill out the DUA, and send it to me
  • I can then share authentication details with the person who filled out the DUA
  • If I start to mistrust that person (or for any other reason) I can revoke the authentication for that specific person
  • Everybody else retains their access
  • Ideally I (as the dataset owner) would have a user interface that shows me all "active" authentifications with a neat way to stop and grant access.

@achilleas - I know this is a lot to ask, but I wanted to chime in this conversation because I think this is important to have.

EDIT: Forgot to say - Unlike for say private GitHub repos, which show up as a 404 error if you try to access them without permissions, it would be good if a "private GIN dataset" would show some landing page that assures the "data-searcher-without-permissions" that the data is in fact there, and that a DUA has to be filled out to access it. (Or alternatively any other information that can be customized by the dataset owner, similar to a README that is displayed if the private repository is accessed without permissions)

I agree with the potential usefulness of @jcolomb's requested feature. Apart from reserving a DOI (which would be great to have), a DOI for private repositories is important for data that is only shared with a Data Use Agreement (DUA). I think it'd be even better to go a step further and allow for user specific authentication, instead of a single password to access the data. For example: - I upload my data to a private repository, get a DOI, publish a paper where I link to the data using the DOI. - In the paper I also link to a Data Use Agreement (with another DOI), which is **publicly** accessible. - People who want access to the data fill out the DUA, and send it to me - I can then share authentication details with the person who filled out the DUA - If I start to mistrust that person (or for any other reason) I can revoke the authentication for that specific person - Everybody else retains their access - Ideally I (as the dataset owner) would have a user interface that shows me all "active" authentifications with a neat way to stop and grant access. @achilleas - I know this is a lot to ask, but I wanted to chime in this conversation because I think this is important to have. EDIT: Forgot to say - Unlike for say private GitHub repos, which show up as a 404 error if you try to access them without permissions, it would be good if a "private GIN dataset" would show some landing page that assures the "data-searcher-without-permissions" that the data is in fact there, and that a DUA has to be filled out to access it. (Or alternatively any other information that can be customized by the dataset owner, similar to a README that is displayed if the private repository is accessed without permissions)
Sign in to join this conversation.
No Milestone
No assignee
3 Participants
Loading...
Cancel
Save
There is no content yet.