Glossary

10 May 2021 | Lauren Harding, marketing officer

Glossary

Key terms used throughout this site and the onboarding process

glasses on a pile of books
Active Directory A Microsoft product that controls access and authentication to a Windows-based network using LDAP.
Attributes Information about an individual e.g. email address, job title or department.
Authentication The process of logging in against a set of approved usernames and passwords or IP address ranges.
Authentication Token A way of storing a username’s credentials to permit access to services that would otherwise require separate logins.
Authorization Process of permitting access to protected content based on user attributes.
The Cloud Storing data or software on remote or distributed servers in order to improve the scalability and availability of a product or service.
Deep Link A link to a specific piece of content, whether that’s an article, book chapter, image or other resource.
Directory A set of user information managed centrally by an organization containing information about the organization’s members e.g. name, department, email address.
Discovery Service A web service that indexes the whole of a library’s holdings, so that users can easily search many different resources at once.
Document Delivery A service that delivers and bills for individual documents electronically when they are not within an organization’s library.
Domain A network location consisting of computers or websites that are owned and operated by an individual or organization. Often defined by IP addresses and URLs.
Entitlement The set of resources that a user is able to access through their institution for example collections of books and journals.
EntityID A unique identifier for an identity provider or service provider registered in a federation. Used in SAML.
Federated Access Management Using the protocols and policies provided by a federation.
Federation A group of organizations consisting of identity providers and service providers which enables access to content via agreed attributes and eligibility.
Identity Provider An organization or product that confirms user identities and attributes to enable them to access content owned by service providers. Examples of IdP products are OpenAthens, Shibboleth and Ping Federate.
IP Address A numerical reference (e.g. 123.123.123.0) that identifies the location of a device on a network or the wider internet, managed globally.
IP authentication A form of access management that grants access to resources based on the IP address of a user’s device.
IP Range The range of IP addresses used by a particular institution, organization or country.
LDAP An industry-standard protocol allowing information about users, services and systems to be shared across networks (for example, between a user’s network and that of a content provider). A core element of many SSO products.
Link Resolver Software that help libraries identify and link users to a copy of a resource to which they have access entitlement (e.g. a journal to which the institution subscribes) based on a search query.
OpenAthens An access management system for organizations or content providers that facilitates SSO access to subscription content.
OpenAthens Federation An international federation run by OpenAthens. All OpenAthens customers are in the federation. A federation is a group of organizations consisting of identity providers and service providers which enables access to content via agreed attributes and eligibility.
Organisation identifier Unique to an organisation, the identifier allows services providers to recognise the subscribing party.
Portal A webpage that grants access to many different resources.
Proxy Service Software that acts as an intermediary between users and content. Often used to facilitate remote access to subscription-based content.
Redirector The OpenAthens Redirector is a tool that allows you to add a consistent prefix to database links. When this new link is followed, the redirector works out the best way to get the user there - no need to maintain separate links for on-site and off-site access or work with complicated 'WAYFless URLs' (the redirector uses them so that you don't have to).
Remote Access Allows users to access library holdings with their normal login credentials when they are outside of the institution network, for example at home or using a mobile device.
SaaS – ‘Software as a service’ Cloud-based web applications.
SAML – ‘Security assertion markup language’ A protocol for exchanging security information between identity providers and service providers.
Scope An identifier used to identify organizations. Often set so be the same as an organisation's domain name.
Seamless Access Providing users with content without any need to sign into multiple different services or websites.
Service Provider An organization that provides content or services.
Shibboleth An open-source access management system for organizations or content providers that facilitates SSO access to subscription content.
SSO – ‘Single sign-on’ Providing users with access to many different systems through a single set of login details
URL – ‘Uniform resource identifier’ An address that specifies a web of intranet site and specific item of content.
User Journey The steps a user takes to get to the content they wish to access.
VLE – ‘Virtual learning environment’ A web-based service for educational institutions that allow access to a range of learning resources, including course information and content, assessment functionality and links to relevant library holdings.
VPN – ‘Virtual private network’ Software that allows secure remote access to a network from outside the organization.
WAYF – ‘Where are you from’ A service that asks users to specify their organization in order to grant access to content.
WAYFless URL A type of deep link that provides users with a direct route to content. The URL includes code specifying the identity provider the user is affiliated with, meaning the user is not required to navigate the service provider's WAYF.