Anyone can browse public content on Synapse, but you will need to register for an account to download and/or add content. To create an account, you must be over the age of 13 and have an email address. You will receive an email message for verification to complete the registration process.
Certain actions in Synapse require additional steps, such as certification or validation. Explore the different Synapse user account types to learn more about which account type you need.
Managing Your Profile
Visit your user profile, which can be accessed by clicking the letter icon in the bottom left and selecting View Profile from the menu. From there, you can click on Edit Profile in order to take any of the following actions:
Change your Synapse username, email, or password
Add or edit your first and last name
Add or edit additional information, such as your affiliation or title
Upload a profile picture
Include a brief biography
You can find additional profile settings by clicking the letter icon in the bottom left, then followed by Account Settings. In addition to editing your profile from here, you can:
Change your preferred date/time format
Access the certification quiz to become a certified user, if you haven’t already
Validate your profile to become a validated user
Link your profile to your ORCID account
Opt in or out of Synapse email notifications
View the discussion threads and forums that you have subscribed to, and unfollow if desired
Add/manage your personal access tokens
Important: Do not reuse passwords from other sites. We recommend generating a unique password and using a secure password manager to protect your Synapse account.
Adding Additional Email Addresses
Your Synapse account can have multiple email addresses associated with it. For each new email that you add, a notification will be sent to the chosen email address with a confirmation link. Follow the link to confirm ownership of the email account.
Adding Google Email Addresses to Enable SSO
Synapse integrates with Google’s Single Sign On (SSO) using OAuth 2.0, allowing you to sign in with your Google credentials. If you are already signed in to Google in your web browser, then you can sign in to Synapse without entering a password once you have connected your Google account.
To enable SSO, create your Synapse account using your Google email address, or add a Google email address as a secondary email. You can use a Gmail address, or an institutional email address configured to be used with Google Suite. To add a secondary Google email, click the letter icon at the bottom left of any Synapse page (you must be logged in to Synapse) and select Account Settings. Scroll down to the Email section and add your Google-recognized email address (as shown in Gmail) to your account.
Sometimes it is not obvious what your Google-recognized email is, and you may have more than one alias. One way to check is to open Gmail in your browser and click on your photo or icon in in the upper right corner. The dialog that pops up will show the correct address.
Once you have created your Synapse account and added your Google email address, sign out of Synapse and sign back in using Google by clicking “Sign in with Google” on the Synapse login page.
Synapse Email and Notifications
Synapse creates an email alias for you when you create an account, <your username>@synapse.org. Synapse uses this email as a relay to send and receive messages, keeping your registered email address private.
To send email to <someone>@synapse.org, you must send the email from an address that is registered with Synapse. Messages sent from an unregistered email address will bounce back. Synapse will forward your message to your recipient’s registered email address. When that message is received, your email address will be replaced with your Synapse email alias (<your username>@synapse.org).
Synapse also sends platform notifications via email, such as @mentions in discussion forums, but it only sends them to the single email address you have selected to be your primary email. You can manage this preference on your Account Settings page.
Personal Access Tokens
You can log in to the Synapse command line, Python or R clients using a personal access token instead of your username and password. Using a token is highly recommended over a username and password since a token can be easily revoked if it is compromised. Additionally, each token can be scoped so that it only grants permission to certain parts of your Synapse account, whereas your username and password have access to your whole account.
To generate a personal access token in the web client, navigate to your Account Settings page, scroll to the bottom of the screen, and click Manage Personal Access Tokens. You can view a list of the existing tokens and their permissions, or click Create New Token to generate a new personal access token with customized access to your Synapse account.
See Client Configuration for more information on configuring Synapse clients using an access token.
Adding Two-Factor Authentication (2FA) to your account
To increase the security of your Synapse account, you can enable two-factor authentication (2FA). Synapse uses a time-based one-time password approach, which is supported by many applications, such as Google Authenticator, Duo Mobile, Microsoft Authenticator, and Authy. Enabling 2FA on your account may be required to access certain sensitive datasets.
To enable 2FA on your account, navigate to your Account Settings and locate the Two-Factor Authentication section. If your account does not have 2FA enabled, you can click “Activate 2FA” and follow the on-screen steps to enable 2FA. After verifying the passcode generated by your authenticator app, Synapse will automatically generate one-time use backup codes for you, in case you lose access to your authenticator app. Keep these codes in a secure place that is separate from your authenticator app.
If you wish to disable 2FA, you can navigate to your account settings page and click “Deactivate 2FA”. If you disable 2FA on your account, you will be unable to download those sensitive datasets that require 2FA, even if you previously had access to them.
For cases where entering a 2FA code is not possible, such as in automated jobs that interact with Synapse using the programmatic clients, you can use Personal Access Tokens, which will not prompt for a 2FA code.
Deactivating Your Account
All user activity on Synapse is recorded for auditing purposes. So, although they can be updated, Synapse accounts cannot be deleted. All of your public activities are and will remain publicly viewable. All of your activities within private projects are and will remain viewable to the people within that project. If you wish to deactivate your account, please contact us through our virtual help desk.