OpenAthens unpacked: Library edition

Q: What are managed accounts in OpenAthens Compass?

A: Managed accounts are user accounts created and maintained directly within OpenAthens Compass. These include personal accounts (one user per account) and access accounts (shared access based on IP ranges).
They differ from accounts authenticated via external directories like Microsoft Entra.

Q: Can users be notified when their permission sets change?

A: No, permission set changes are administrative actions and are not communicated directly to users. They are primarily used for managing access and reporting.

Q: How can I use permission sets correctly?

A: Permission sets allow you to manage access to resources and segment reporting by user groups. They’re especially useful for institutions with complex access needs or those using local authentication systems.

Q: Can personal accounts be created in bulk and how does this work?

A: Yes, OpenAthens Compass provides a bulk upload template that allows administrators to create, modify, or delete multiple accounts at once. The template has specific columns for each task, making it clear where to input data.

Q: What’s the difference between reporting and auditing?

A: Reporting shows usage data, such as how often users access specific platforms or resources.
    Auditing tracks account-specific events like password resets, account creation, or suspensions.

Q: Can OpenAthens reporting show title-level usage?

A: No, reporting in OpenAthens only shows platform-level usage. Title-level data may be available directly from publishers if their platforms support it.

Q: How quickly are changes in an external identity provider (IDP) reflected in OpenAthens?

A: Changes such as account deletions or suspensions in your IDP (e.g. Active Directory) are reflected immediately in OpenAthens. If a user is removed from the IDP, they will no longer be able to authenticate via OpenAthens.

Q: What should I do if my Active Directory is not passing correct information to OpenAthens?

A: It’s best to work with OpenAthens technical consultants to resolve configuration issues. Creating managed accounts as a workaround is possible but may lead to duplicate accounts and is not recommended as a long-term solution.

Q: Is there a way to schedule reports in OpenAthens Compass?

A: Yes, you can schedule reports to be sent regularly to specific recipients. These reports will be saved in the “Saved Reports” section and can be downloaded as needed.

Q: Can you explain more about restrictive mode and what this means? If we turned this on, would we have to allocate all our resources in the catalogue?

A: Once restrictive mode is enabled it will allow you as the admin to restrict access via permission sets within your catalogue to specific resources. This means you can decide what cohort of users, access resources within your catalogue. This does mean that you will need to allocate all the resources in your catalogue that you have a subscription to

Q: We have some suppliers that use OpenAthens, but when testing the redirector links, these do not work correctly. Can you explain why this might be?

A: This is difficult to define an answer without troubleshooting a specific example, however common issues with Redirector links include:

• • The publisher does not allow deeplinking to article level

• • Your library discovery service link resolver has not been configured correctly

• • The Redirector link has been created manually, instead of using our Redirector tool, which ensures correct encoding is applied

Q: Is there a way in OpenAthens Compass for me to see which attributes each Resource *requires* to be released?

A: Unfortunately, not, however this information can sometimes be found on the publisher’s website or from your subscription agent. Alternatively, you may be able to source this information from our Listserv.

Q: Do the attributes in the Default release policy get sent to vendors that use a custom release policy?

A: No, any resource specific release policy will override the attributes being released by your Default policy.

Q: We have a historical OpenAthens setup which is managed between IT and the Library, but no current staff have a full understanding of how it works and how all our resources are authenticated. We’d like to start using it better for access and reporting – can we get advice from OpenAthens?

A: Yes, contact your OpenAthens account manager to discuss options for upskilling your team.

Q: In regard to manual resource allocation, is there a downside to not removing old resources other than avoiding clutter?

A: Potential impacts include:

• • Old resources will still appear in MyAthens

• • Reporting data may become inconsistent

Q: Is there a benefit to allocating completely open/free resources like DOAJ or PubMed and directing users through OpenAthens?

A: Yes. If users access these resources via OpenAthens, usage data will be collected and available in your Reporting Dashboard.

Q: In a managed account scenario, is reporting only available in aggregate or can you track what resources a particular user accesses generically.

A: You can set a field (e.g., Username) as reportable for detailed tracking but be aware of any local privacy regulations that might apply. The reporting API can also provide raw event data as well as aggregate reports.

Q: What is the use case for using the ‘groups’ function?

A: The groups function allows you to manage accounts in bulk. For example, you can apply, edit, or remove permission sets for an entire group rather than individually.

Q: How do groups differ from permission sets?

A: Group: A collection of user accounts with common characteristics

Permission Sets: A permission-based rule that enables or restricts access to specific resources

Q: Can you explain proxied resources and whether they work with go.openathens.net or only proxy.openathens.net URLs?

A: Both formats will provide access to the resource. Target URL’s that contain domains hosted on our proxy service are always compatible with our Redirector Tool. The advantage of using the go.openathens.net format is that authentication will go via your local directory authentication (if you have one).

More info on our Redirector Tool can be found here.

Q: Can you talk about or provide resources about using Data Explore to download report data into Tableau.

A: As well as a mechanism to return aggregated reports, our Reporting API tool allows calls that can also be used to retrieve raw data. This gives a flat report in CSV format you can use in analysis tools such as Tableau and Power BI.

Q: Do I need any specialist skills to use the APIs?

A: Whilst it’s not complicated to set up the Reporting API, you do typically need someone technical who has some basic knowledge of APIs, coding and handling data. The API set up itself could be achieved in a matter of hours.

Q: Does it work with Panorama?

A: Yes, as it uses Tableau as its front-end visualization tool.

Q: What kind of interventions do you think will be most effective in helping student retention? E.g. Identifying struggling students who have no OpenAthens sessions and sending them research tutorials?

A: Whilst the reporting API can be used to help identify students who may need intervention, the types of interventions themselves are beyond the scope of this webinar.

Q: Does the reporting API return data from all organization levels, or do they need to be set up for specific sub-organizations (in the same way you need to switch up the organizations in the reporting dashboard to view sub-organization data)?

A: The API works at the organization level. When you authenticate using your API key, the data returned is scoped to that organization.
If your structure includes sub-organizations, you’ll need to:

• Generate API keys for each sub-organization (or use an admin key if available)
• Make separate calls for each sub-organization to pull their data

This mirrors the behavior in the reporting dashboard, where you switch organizations to view their reports.
For example, if you manage consortium with multiple libraries, you’d run separate API calls for each library to get accurate usage data.