What can federated single sign-on do that IP authentication with VPN can't?
Federated access focuses on 'meeting the user where they are', meeting the user expectation of being able to navigate to a resource from the open web and gain access; without having then to retrace their steps to a library discovery tool to gain access or use a tool such as a VPN to gain access.
Using federated SSO offers a fairly standardized experience when navigating to a vendor or publisher site, locating the institutional login and signing in. For example, vendors and publishers using Seamless Access offer a recognizable institutional login workflow.
SSO allows for obtaining granular usage statistics (without releasing any personally identifiable information); at department, or group level, for example. This isn’t possible with IP access. Federated SSO also allows limiting access to a resource for specific groups, where they are only licensed to provide access for one department for example.
Federated offers single sign-on not only to the content but also any personalization services offered by the website e.g. CPD/CME credits (continual professional development/ Continuing Medical Education), bookshelves, etc. When using IP recognition a user would usually have to provide
r more PII (personally identifiable information) and manually sign-in to each site separately.
We have some resources on this topic you might find helpful:
We have a range of case studies where the OpenAthens community share their experiences, including promotion with their user communities. You can view them in our YouTube playlist.
All required fields are marked with '*'