Skip to content

Core Concepts


A Pipeline is composed of a workflow repository, launch parameters, and a Compute Environment. Pipelines are used to define frequently used pre-configured workflows in a Workspace.


The Launchpad contains the collection of available Pipelines that can be run in a Workspace.

Workflow Runs#

Workflow Runs are the collection executions in a Workspace. Runs display the collection of executions in a Workspace and is used to monitor and inspect details from workflow executions.


Datasets are collections of versioned structured data such as TSV and CSV files. They are used for managing sample sheets and metadata. Datasets can be validated and used as inputs for workflow executions.


Actions automate the execution of pre-configured workflows based on event triggers such as code commits and webhooks. They are used to automate workflow executions.

Compute Environments#

A Compute Environment is composed of credentials, configuration settings, and storage options related to a computing platform. They are used to configure and manage computing platforms where workflows are executed.


Credentials are access keys stored by Tower in an encrypted manner using AES-256. They allow safe storage of authentication keys for Compute Environments, private code repositories, and external services. Credentials cannot be accessed once stored.

Pipeline Secrets#

Secrets are keys used by workflow tasks to interact with external systems e.g. a password to connect to an external database or an API token. Secrets are stored within the Tower using AES-256 encryption. Currently, there are two types of Secrets:

  • Pipeline Secrets defined in a Workspace are available to workflows launched within that Workspace.

  • Secrets defined by a user that are available workflows launched by that user in any Workspace.


Workspaces provide the context in which a user operates, i.e. launch workflow executions, and defines what resources are available/accessible and who can access/operate on those resources. They are are composed of Pipelines, Runs, Actions, Datasets, Compute Environments and Credentials. Access permissions are controlled through Participants, Collaborators, and Teams.


Organizations is the top-level entity where businesses, institutions, and groups can collaborate. Organizations can contain multiple Workspaces.


A user, internal to the organization. A Member has an Organization role and can operate in one or more Organisation Workspaces. In each Workspace, Members can have a Participant role that defines the permissions granted to that user within that Workspace.


A group of Members in the same organization. A Team can operate in one more organisation workspaces with a specific Workspace role (one role per Workspace).


A user operating with a specific Role within a Workspace

Participant Role#

The Participant Role defines the permissions granted to a user to operate within a Workspace.

Back to top