Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Implementing OpenAthens Single Sign-On Authentication


Published on

Presentation from Leading Edge Libraries Conference, September 22, 2017, hosted by the Florida-Caribbean Chapter of the Special Libraries Association. This presentation introduces OpenAthens, explains how it differs from proxy-based authentication, and presents the adoption and implementation process in a small library.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Implementing OpenAthens Single Sign-On Authentication

  1. 1. Implementing OpenAthens Single Sign-On Authentication Myka Kennedy Stephens Seminary Librarian Lancaster Theological Seminary Lancaster, Pennsylvania
  2. 2. OVERVIEW ▪ Introduction to OpenAthens ▪ Set-up and Implementation ▪ Ongoing Maintenance and Support 2
  3. 3. Introduction to
  4. 4. SAML-Compliant SSO ▪ SSO = Single Sign-On ▪ SAML = Security Assertion Markup Language ▪ Federation = group of publishers and subscribers who agree on common rules for access ▪ Shibboleth = identity federation, also SAML- compliant, compatible with OpenAthens 4
  5. 5. IP Authentication 5 User Organizational Network Content Provider Local IP Network IP IP Recognition and Resource Release
  6. 6. Proxy Authentication 6 User Proxy Server Content Provider Proxy Server IP IP Recognition and Resource Release Username/Password
  7. 7. SAML Authentication 7 User Identity Provider Content Provider Identity Authentication
  8. 8. Advantages of ▪ More secure transmission of user information ▪ Log in once per session ▪ Track usage of individuals ▪ Compatible with other authentication tools: Oauth2, LDAP, REST API ▪ Connect almost any subscribed content 8
  9. 9. Setup and Implementation
  10. 10. What You Need To Know ▪ IP address(es) for your organization ▪ List of all resources (EBSCO and non- EBSCO) ▪ How do you want users to log in? ▪ How many user groups are needed? ▪ How will users be created in OpenAthens? ▪ Clear vision of the user journey 10
  11. 11. The EBSCO Process Getting Started ▪ Assigned to a Coordinator ▪ OpenAthens Set- up Questionnaire ▪ Supply information for all content providers Link Content ▪ EBSCO & Eduserv configure resources ▪ Follow-up required for some content providers and vendors Establish Paths ▪ Access to the OpenAthens Administrator Dashboard ▪ Create user groups and permission sets 11
  12. 12. The EBSCO Process (cont.) User Accounts ▪ Bulk upload user accounts ▪ Setup a connector (Oauth2, LDAP, REST API) with an existing user database, mapping attributes to OpenAthens fields “Athenizing” Links ▪ Replace URLs to content with a new “Athenized” link ▪ EBSCO can provide links, or use tool in Administrator Dashboard Go-Live & Testing ▪ May beta test first with select users and content ▪ Go-live activates access to EBSCO from OpenAthens ▪ 2-week testing phase ▪ User Education! 12
  13. 13. Ongoing Maintenance and Support
  14. 14. 14 OpenAthens User Management
  15. 15. 15 Monitor Accounts Created with Connector
  16. 16. 16 Add, Remove, and Allocate Resources
  17. 17. 17 Generate Access Reports
  18. 18. 18 View Audit Reports and Logs
  19. 19. Thanks! 19 Myka Kennedy Stephens Seminary Librarian & Assistant Professor Lancaster Theological Seminary Lancaster, Pennsylvania Email: Facebook: @mykakennedystephens Blog: Presentation template adapted from SlidesCarnival