Step 2: creating accounts

There are two main options for creating user accounts – connecting to your institutional directory or creating new OpenAthens accounts.

Back to onboarding guide Move on to step 3

Integrating with existing institutional directories

In most cases, organizations will already hold directories with user credentials on their existing systems. The good news is OpenAthens can integrate with a wide range of existing directories making this the best option in most cases. This integration will save you a lot of time and save your library users from needing to remember and store another username and password.

When a user is accessing federated resources that involve identifying their home organization, they will be taken directly to the relevant single login.

  1. ADFS

    OpenAthens can connect to ADFS (Active Directory Federation Services) so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account).

    As well as the ability to use local accounts instead of maintaining a separate set of credentials, access routes to federated resources that already involve discovery (identifying the users’ home organization) will take the user directly to your ADFS login.

    Tutorial: Azure Active Directory integration with OpenAthens.

    Find out more about OpenAthens and ADFS

  2. SAML

    OpenAthens can connect to SAML sources such as Azure, G Suite, OneLog, OpenAthens LA, Shibboleth and similar so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account).

    As well as the ability to use local accounts instead of maintaining a separate set of credentials, access routes to federated resources that already involve discovery (identifying the users’ home organization) will take the user directly to your SAML login.

    Find out more about SAML

  3. API

    The OpenAthens local authentication API can be used to log your users into the system based on credentials stored in any system you can gain programmatic access to and is ideal in situations where you cannot use any of the other connection types. It requires you to implement some code at your end.

    Your local systems should use at least two-factor authentication (e.g. username and password, barcode and pin).

    Find out more about OpenAthens local authentication API

  4. CAS

    OpenAthens can connect to CAS (Apereo/JASIG’s Central Authentication Service) so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account).

    As well as the ability to use local accounts instead of maintaining a separate set of credentials, access routes to federated resources that already involve discovery (identifying the users’ home organization) will take the user directly to your CAS login.

    Find out more about OpenAthens and CAS connector

  5. SirsiDynix

    OpenAthens can connect to your SirsiDynix system using its Symphony API so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account). You should use at least two-factor authentication for your local users (e.g. username and password, barcode and pin).

    Find out more about OpenAthens and SirsiDynix connector

  6. LDAP (active directory)

    OpenAthens can connect directly to an LDAP server so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account). Anything that uses standard LDAP protocols is acceptable so this works very well with ActiveDirectory too.

    As well as the ability to use local accounts instead of maintaining a separate set of credentials, access routes to federated resources that already involve discovery (identifying the users’ home organization) will take the user directly to your LDAP login at our authentication point – no further discovery is required.

    Find out more about OpenAthens and LDAP connector

Creating new accounts

Organizations which do not already store user information on their systems will need to create all the user accounts to provide access.

Clear instructions on how to set up new personal accounts for each individual user can be found in our OpenAthens documentation.

Read our documentation on creating users

Self-registration accounts

This will require the creation of an online form that users will fill out with the relevant details you require in order to issue them with an account. If you are interested in this option, please contact your OpenAthens onboarding lead who will talk you through the various options of how to set this up.

person shuffling paper

Account management

You’ll need to decide how best to manage access to your OpenAthens resources so different users can gain access to what they need while protecting valuable content.

Learn more about account management