What’s the problem that’s being solved with all of these things?
The way that researchers have traditionally authenticated to publisher websites to access institutional subscriptions is via IP address. The device (desktop, laptop, tablet, mobile phone…) that the researcher uses is connected to their institutional network, the publisher’s websites sees the researcher coming from the institution's network based on their IP, and grants them access.
Institutions also less often have unique, static IPs that can be used to facilitate IP access. Implementing security software like ZScaler, for example, means that publishers see researchers on that insitution’s network coming from a shared, not a unique IP address.
So how do you solve this problem for researchers and for institutions?
Federated access, Shibboleth, OpenAthens, RA21, SeamlessAccess.org, GetFTR: What’s the difference between all of these things?
Let’s start with federated access. It’s been around for decades now. It’s a form of single sign on to publishers’ websites that works from any internet-connected device, from any location, in which the publisher passes the researcher to their institutional log in, they authenticate using their institutional credentials, and the institution passes the researcher back.
Shibboleth and OpenAthens are software solutions that facilitate the federated access method.
RA21 (or Resource Access in the 21st Century) was a group that designed a solution and issued recommendations to address the problem described above. They recommended that to ease researcher access publishers implement a new user experience of federated access, in which there is a consistent call-to-action to initiate federated access across sites and once a user has done so once, their institutional selection would be persisted in their browser, to enable a shorter and easier experience as they bounced between publisher’s sites. RA21 does NOT replace federated access, Shibboleth or Open Athens; it’s a new user experience of the federated access. Springer Nature is one of the first publishers to implement the RA21 recommended experience, rolling it out to Nature.com in early November of 2019.
Seamless Access is the group that has built the services that enable the RA21 recommended experience and are supporting publishers in rolling out that experience.
Get Full Text Research (or GetFTR) is an API that provides on-the-fly verification of whether a researcher is entitled to access content on publishers’ websites and links to easily access that content. Springer Nature, Elsevier, Wiley, Taylor & Francis and the American Chemical Society are participating as publishers so far. The API can be used by discovery services (think PubMed Central or your library discovery service) or scholarly collaboration networks (think Mendeley or Readcube Papers). In the event that a researcher is not entitled to a piece of content on a publisher’s website, the publisher can provide an alternative version of the content that goes beyond the abstract, like a read-only PDF; what these will be may differ across publishers and is to-be-determined.
GetFTR currently relies on federated access to return entitlements information and authenticate users to publishers’ websites. To get more technical for a moment: GetFTR currently needs the entity ID of the institution’s Identity Provider to return entitlements information and provides WAYFless urls back to enable easy authentication and access for researchers. GetFTR may not always depend on federated access, but that’s where we’ve started.
There’s a misunderstanding that GetFTR builds on the RA21 recommendations and the Seamless Access services. It does not. GetFTR builds on federated access. GetFTR works WITHOUT RA21 and SeamlessAccess.org. But they CAN be complementary to each other, with RA21 and SeamlessAccess.org easing the researcher federated authentication experience that GetFTR relies on.
GetFTR is in a pilot phase for the first half of 2020, which publishers, discovery services and scholarly collaboration networks are invited to join, and during which the concept and technical approach will be validated and refined.
What should I do as a librarian?
If you’re interested in the subject of researcher authentication and access, there are a few things that I’d recommend:
Talk to your patrons about their authentication and access experiences. Is everything working well for them? If not, why not?
The best way to learn about federated access is to Google it and start reading. You can talk to your IT department to learn more about it within your institution. Most countries have an organisation that works with institutions and publishers to enable federated access, which you can join.
If you want to learn about the RA21 recommendations, read the NISO Recommended Practice. If you want to learn about GetFTR, read the FAQs and sign-up for updates.
If you want to enable federated access for your institution on Nature.com now, there are instructions here to do so.
Are you turning off IP access?!?!
No. No plans to.
What about privacy? Are you trying to steal researchers’ data?!?!
No. The federated access method allows institutions to pass back a researcher’s individual details to publishers. Springer Nature doesn’t request that institutions do this. If an institution does it anyway, we throw away that data.
There is a conversation to be had I believe between researchers, librarians and publishers about what researchers want in terms of authentication and access to online services. Federated access should be part of that conversation. It offers researchers a convenient means to both institutionally AND individually authenticate to websites using their institutional credentials, potentially making it both easier and safer for them to do their work online.
I use a proxy. I’m going to ignore all of this.
That is your prerogative. If access via proxy is working brilliantly for all of your patrons and for you, great. If it’s not, it might be worth giving federated access and the new experiences being built around it - RA21 and GetFTR - a look.