Shibboleth, Open Athens, and EBSCO OA Authentication

Follow

Institutional Login

Credo Reference supports three Single Sign On (SSO) options that allows the customer institution to manage their own user authentication.

1. Shibboleth

Shibboleth is a standard SSO solution developed by Internet2. Credo customers who have a Shibboleth 'Identity Provider' (IdP) server (or who use an out-sourced Identity Provider) can connect their users to Credo Reference through their IdP. Customers must have their metadata registered with the UK Access Federation in order to connect to Credo.

Configuring Shibboleth

Credo Reference supports attribute eduPersonScopedAffiliation as a login identifier. To make this work, the domain name used on these attributes must match the domain name Credo Reference has assigned to your account. Please contact Credo Reference support to let us know what domain name is used by your IdP's attribute release policy.

Credo Reference also supports your IdP's Identity Provider Entity ID as a login identifier. To make this work, please contact Credo Reference support to let us know your IdP's Entity ID. This entity ID must be used only by users from one institution. IdPs that are shared by multiple institutions cannot use this login identifier.

Logging In

There are two ways to login via Shibboleth.

  1. The user can find their institution on our "Where are you from?" page. 
  2. By using the URL format below, often known as a WAYFless URL, your users can be directed straight to your IdP without having to select it from the Discovery Service list of institutions. To create it, you'll need to know the entityId of your IdP and add it to the URL. The basic format is as follows:

    https://search.credoreference.com/Shibboleth.sso/Login?entityID=[IDP here]&target=https://search.credoreference.com/auth/shibboleth/callback?state=/

If you need help, just contact support@credoreference.com.

2. Open Athens

Higher Education institutions in the UK can offer access to students offsite using Open Athens Authentication. Credo Reference supports Athens' single-password sign-in, so that once logged into one Athens resource, remote users are logged into all their resources during their session.

UK students can login into Credo Reference with an Athens username and password by logging in through their institution's MyAthens account, or by finding their institution on our "Where are you from?" page. We can also create a WAYFless URL for your institution. 

Athens is a popular standard for handling user authentication in higher educational establishments.

3. Open Athens managed by EBSCO

EBSCO is now partnering with Open Athens to manage authentication. To set this up, we will need the following information (usually sent to us directly by EBSCO):

OAFed Entity ID (https://idp.***.edu/openathens)

Scope (****.edu)

Organisation ID 

Proxy IP

We add this information to your account and provide a WAYFless URL in the following format:

https://connect.openathens.net/credoreference.com/456a79ee-132b-4228-8d50-39918f628abe/login?entity=https%3A%2F%2Fidp.***.edu%2Fopenathens&target=https%3A%2F%2Fsearch.credoreference.com

However, many prefer to use the redirector prefix that Open Athens provides:

https://go.openathens.net/redirector/****.edu?url=https%3A%2F%2Fsearch.credoreference.com

0 out of 0 found this helpful