Skip to the content

There are two main options for creating user accounts to provide access to OpenAthens:

  • Integrate OpenAthens with your institution’s existing directories allowing you to use the credentials already stored within your own systems to provide user access to OpenAthens.
  • Create new accounts for each user via the OpenAthens administration interface.

Integrating with existing directories

In most cases, organizations will already hold directories with user credentials on their existing systems. The good news is OpenAthens can integrate with a wide range of existing directories making this the best option in most cases. This integration will save you a lot of time and save your library users from needing to remember and store another username and password.

When a user is accessing federated resources that involve identifying their home organization, they will be taken directly to the relevant single login.

OpenAthens can connect to ADFS (Active Directory Federation Services) so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account).

As well as the ability to use local accounts instead of maintaining a separate set of credentials, access routes to federated resources that already involve discovery (identifying the users' home organization) will take the user directly to your ADFS login.

Find out more.

Tutorial: Azure Active Directory integration with OpenAthens.

OpenAthens can connect to SAML sources such as Azure, G Suite, OneLog, OpenAthens LA, Shibboleth and similar so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account).

As well as the ability to use local accounts instead of maintaining a separate set of credentials, access routes to federated resources that already involve discovery (identifying the users' home organization) will take the user directly to your SAML login.

Find out more.

The OpenAthens local authentication API can be used to log your users into the system based on credentials stored in any system you can gain programmatic access to and is ideal in situations where you cannot use any of the other connection types. It requires you to implement some code at your end. 

Your local systems should use at least two-factor authentication (e.g. username and password, barcode and pin).

Find out more.

OpenAthens can connect to CAS (Apereo/JASIG's Central Authentication Service) so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account).

As well as the ability to use local accounts instead of maintaining a separate set of credentials, access routes to federated resources that already involve discovery (identifying the users' home organization) will take the user directly to your CAS login.

Find out more.

OpenAthens can connect to your SirsiDynix system using its Symphony API so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account). You should use at least two-factor authentication for your local users (e.g. username and password, barcode and pin).

Find out more.

OpenAthens can connect directly to an LDAP server so that you do not have to issue personal accounts for your users (you will still need your OpenAthens administrator account). Anything that uses standard LDAP protocols is acceptable so this works very well with ActiveDirectory too.

As well as the ability to use local accounts instead of maintaining a separate set of credentials, access routes to federated resources that already involve discovery (identifying the users' home organization) will take the user directly to your LDAP login at our authentication point - no further discovery is required.

Find out more.

Creating new accounts

Organizations which do not already store user information on their systems will need to create all the user accounts to provide access.

If you need to create new accounts you have two options:

  • Generate new account details for every user yourself then issue their log-in details to them
  • Enable users to create their own accounts through self-registration

In some cases, you may need to activate the library resources before creating the user accounts. Your OpenAthens onboarding lead will help you make that decision. 

Clear instructions on how to set up new personal accounts for each individual user can be found here.

This will require the creation of an online form that users will fill out with relevant details you require in order to issue them with an account. If you are interested in this option, please contact your OpenAthens onboarding lead who will talk you through the various options of how to set this up.

Have a question?

Get in touch with your implementation team

If you have a question about onboarding, please get in touch with your onboarding lead. If you are not sure who that is, send us an email at contact@openathens.net