Historically, institutions' IT staff have leveraged single sign-on for enterprise applications; however in recent years, “federated single sign-on” has come into focus as a beneficial authentication method for both libraries and their service providers. In this context, federated refers to a network of metadata for all entities — libraries and publishers alike — that allows connections to be made with greater ease by eliminating the requirement to manually exchange metadata. Federated single sign-on leverages the secure, modern authentication technologies preferred by IT, but allows the connection to be set up with numerous library service providers more quickly and easily.
As we’ve experienced during the ongoing COVID-19 crisis, remote access is likely to be the main way researchers use libraries for some time. To make searching library resources as seamless as possible, authentication — leveraging single sign-on (SSO) and improving access — can make researching while working remotely as easy as research performed within the library’s physical location, pre-pandemic.
The increase in remote access we’ve seen since the start of the pandemic has magnified difficulties presented by IP reliance. For some institutions, this has manifested as network overload, where their proxy service is supporting more traffic than usual; for others, it could simply be obstacles to access for users who are no longer accessing from within the physical library or university.
This is where OpenAthens, EBSCO’s authentication partner, comes to the rescue by providing federated access. Single sign-on allows researchers to use their institutional credentials (meaning their usernames and passwords from their home institution, such as their university) to access different content providers (such as a publisher). These usernames and passwords are their “everyday” credentials — the ones they regularly use to access their institution — and are not unique to the specific publisher.
The way this works is the home library serves as the “Identity Provider.” Via OpenAthens, it vouches for the student’s credentials with, let’s say, a publisher, who in this case would be the “Service Provider.”
What’s nice about this is that while the Identity Provider is vouching for the user, federated access does not rely on a user’s IP address or physical location to support access to the Service Provider’s content.
When a student uses EBSCO Discovery Service™ (EDS) and finds an article from a particular publication, the university system's OpenAthens integration will automatically tell the publisher’s system, “Yeah, I know this person. They’re legit. You can share this article directly with them.” At which point, the publication says, “Great. One article coming right up.”
When a student uses EBSCO Discovery Service™ (EDS) and finds an article from a particular publication, the university system's OpenAthens integration will automatically tell the publisher’s system, “Yeah, I know this person. They’re legit. You can share this article directly with them.” At which point, the publication says, “Great. One article coming right up.”
Let’s say a library uses OpenAthens for single sign-on. When a student uses EBSCO Discovery Service™ (EDS) and finds an article from a particular publication, the university system’s OpenAthens integration will automatically tell the publisher’s system, “Yeah, I know this person. They’re legit. You can share this article directly with them.” At which point, the publication says, “Great. One article coming right up.”
So, in this example, there is no need for the university’s network to carry the load of thousands of students trying to access articles from thousands of providers. This is important because if a network is overloaded, then access can fail. Furthermore, if users are accessing from outside the library or off-campus (meaning, they are off the network), then having SSO helps them gain access from wherever they are located.
The student just needs to have first logged into EDS or any other application that uses their institutional credentials — i.e., they’ve just started their SSO session. When the student uses EDS to locate an article, the university essentially provides a passport via OpenAthens, and then the publisher’s system knows to return results for the query.
Another bonus is that the library/Identity Provider is in charge of how much user data it shares with the publisher/Service Provider about the user. Essentially, the Identity Provider can keep its students’ personal information private while telling the Service Provider that it is okay to share articles with the students.
And it’s not just libraries and their students that benefit. It’s a great deal for publishers as well. By making it easier for researchers to access information through their EDS searches, publisher usage increases. For example, when COVID-19 hit, the American Chemical Society’s publication arm, ACS Publications, activated federated access for institutions in several single sign-on federations, and has since seen usage explode by several thousand percent.
In a world where stepping into the library isn’t as easy as it used to be, now is the time to make online access to resources as easy as possible. Take a look at how EDS and OpenAthens can help you.