Skip to main content
Version: 23.2.0

Core Concepts


A pipeline is a pre-configured workflow that can be used by all users in a workspace. It is composed of a workflow repository, launch parameters, and a compute environment.


The Launchpad contains the collection of available pipelines that can be run in a workspace. From here, you can view and select pre-configured pipelines for launch.


A run is a workflow execution. The Runs view is used to monitor and inspect the details of workflow executions in a workspace.

Compute environments

A compute environment is the platform where workflows are executed. It is composed of access credentials, configuration settings, and storage options for the environment.


Credentials are access keys stored by Tower in an encrypted format, using AES-256 encryption. They allow the safe storage of authentication keys for compute environments, private code repositories, and external services.


Datasets are collections of versioned, structured data, usually in TSV (tab-separated values) and CSV (comma-separated values) formats. They are used to manage sample sheets and metadata, to be validated and used as inputs for workflow executions.


Actions are used to automate the execution of pre-configured workflows (pipelines), based on event triggers such as code commits and webhooks.

Pipeline secrets

Pipeline secrets are keys used by workflow tasks to interact with external systems, such as a password to connect to an external database or an API token. They are stored in Tower using AES-256 encryption.

There are two types of pipeline secrets:

  • Pipeline secrets defined in a workspace are available to the workflows launched within that workspace.

  • Pipeline secrets defined by a user are available to the workflows launched by that user in any workspace.


A workspace provides the context in which a user operates, including what resources are available and who can access them. It is composed of pipelines, compute environments, credentials, runs, actions, and datasets. Access permissions are controlled through participants, collaborators, and teams.


An organization is the top-level entity where businesses, institutions, and groups can collaborate. It can contain multiple workspaces.


A member is a user who is internal to the organization. Members have an organization role and can operate in one or more organization workspaces. In each workspace, members can have a participant role that defines the permissions granted to them within that workspace.


A team is a group of members in the same organization. Teams can operate in one or more organization workspaces with a specific workspace role (one role per workspace).


A user operating with an assigned role within a workspace.

Participant role

The participant role defines the permissions granted to a user to perform actions or tasks within a workspace.