Lo sentimos, esta página no ha sido traducida aún.
Whether you already offer single sign-on for your products or use another method, we are here to assist you. In this guide, we explain the different ways to connect with your customers' existing systems to enhance the single sign-on experience for your users. We help you establish secure connections with your customers, providing expert advice and support every step of the way, and eliminating the need for unsafe peer-to-peer connections.
OpenAthens allows libraries and identity providers to connect securely to your resources, providing you with access to the needed user data, without necessarily sharing personally identifiable information (PII). We use two different methods to allow single sign-on integrations.
We help service providers integrate with OpenAthens using your SAML, via Shibboleth, or SimpleSAMLPHP. We are part of the REFEDS community and we follow the same technical standards as other national federations.
If you are using a platform provider such as Silverchair, Atypon, Highwire, then you also have access to a SAML SP, so we can work with your platform provider to integrate you with OpenAthens.
Along with SAML, OIDC is fast becoming the new dominant standard in federated identity. Adding support for OIDC enables OpenAthens to connect to a wider range of identity systems and directories which organizations are increasingly starting to use.
You can configure an application supporting OpenID Connect. Keystone is an OpenAthens cloud hosted service we provide to publishers who do not have an existing SAML SP. Keystone uses an OIDC library to connect with your platform, so we can take care of all the SAML requirements.
OIDC is a common standard and is often supported on hosting services like WordPress. It will also be supported on enterprise IAM solutions like Okta, Auth0, Amazon Cognito.
Identity and Access Management (IAM) is like a toolbox for organizations. It is a framework of business policies, rules, ways of doing things, that answers the questions who does what, when, and why. This makes sure only the right people get into the right places at the right times.
IAM makes life easier for employees too. They don’t have to worry about remembering lots of different passwords or getting permission for each thing they need to do. IAM could include different sign on options working at the same time, as it could be SSO, multifactor authentication. Some examples are Okta, Auth0, Amazon Cognito, Shibboleth, Microsoft Entra, Google Workspace and OpenAthens.
Most customers or subscribers will have a SAML-based identity provider or single sign-on solution, and therefore, we recommend registering your product in SAML-based federations.
Have you heard of 1:1, bilateral or peer-to-peer connections? They are a direct line between you and a specific identity provider or library. They make it possible to share information between SAML-enabled systems, such as libraries and publishers, without needing to join a federation.
OpenAthens Keystone can connect to SAML sources such as Microsoft Entra, Google Workspace, Okta, OneLogin, and others so libraries and organizations do not have to issue personal accounts for their users. They can simply use their institutional, organizational or local credentials
Federated authentication is the standard for authentication within the academic sector globally. However, you may well sell to libraries or organizations outside of that market. 1:1 SAML allows you to still connect to these customers through SSO.
If you have any questions or you need more information, contact our account management team, and they will be happy to guide you and find a solution that suits your needs.
