2017-03-22 User Management Meeting Notes

Date

New Zoom link for this meeting: https://zoom.us/j/363335819

Attendees

Goals

  • Discuss Authentication and Authorization technology integration

Discussion items

TimeItemWhoNotes
35 minIntegration of institutional authN into FOLIO 
  • See notes below

Notes

  • While we are not currently expecting users to log into the FOLIO web interface, there is a need for patrons to authenticate themselves against Okapi APIs for processes such as checking the status of holds and renewing checked out items.  Some sites are using bespoke applications for this (Cornell), have integrated it with locally-hosted discovery layers (like Blacklight), are using vendor-supplied discovery layers (such as TAMU with EDS), or have external companies developing apps for this (GBV).
  • Sites are resistant using systems that perform "proxy authentication" for users (meaning: having a service taking in the username/password from the user and attempting to log in with those credentials on the server side).  Cornell, for instance, is actively teaching users to only use their credentials at the campus identity provider system.
  • The user management module has three identifiers for the user at the moment: an internal user id, a place for an external single-sign-on identifier, and a barcode.
  • Of those represented on the call, Shibboleth is the mechanism needed to authenticate users to FOLIO.

Action items