50¶È»Ò

Federated Access

Federated access or Federated identity is a form of single sign-on that allows users to use a single credential to authentice across multiple organization's systems and websites. This is only one of the many secure remote access options 50¶È»Ò supports.

Continue reading to find more information on services and support available to you around Single sign-on and federated access. 

Get in touch!

If you have questions or need help setting up your federated access

How you can set up federated access

  • nature.com

    nature.com SeamlessAccess user guide
    (PDF, 1.61 MB)

    The SeamlessAccess experience is available on nature.com. Visit the for up-to-date information regarding our SSO support for nature.com. 

    This page will provide you with details regarding:

       

    You will also find information on additional topics such as WAYFless URLs, Setup SSO using Microsoft Active Directory and more on the configuration page: .

    Please note SeamlessAccess is in a beta phase through approximately June 2020, therefore there might be some challenges but we are happy to assist and will keep customers informed of any changes. 


More on federated Access

Frequently asked questions (FAQs)

I have IP access enabled and I don’t want you to turn that off

We won’t. You can have both IP access and federated access enabled at the same time. IP will work for your patrons when they are on your institutional network and gives them an option to authenticate to our websites to access institutional subscriptions when they are not.

I have a proxy. Do I need federated access?

You can have both if you want. Federated access is an additional way to ease authentication and access for patrons who might come to our sites before they’ve authenticated to your proxy server.  

What do I need to do to enable federated access for my institution?

The best place to start is to contact our Customer Services team to ask them to enable federated access for you. If you have your Identity Provider’s entity ID or if you’re an OpenAthens member, your OpenAthens ID, that will help them to get started with enablement.

I’m concerned that this is going to be a lot of technical work to set up.

It won’t necessarily be. If your institution is a member of a federation, we might already have the required data on our side and you might have the data on your side to make federated access work. If that's the case, all we would need to do is a little further configuration on our site to enable the method for you.

I’m concerned that my patron’s privacy will be violated if I set up federated access

50¶È»Ò only uses federated access for the purpose of institutional authentication. We don’t ask for any individual user details from your systems. It’s within your control what information you send back to us, and if you do somehow unknowingly send individual’s data back to us via the federated message, we ignore it and the data vanishes.  

SAML based access

SpringerNature supports all SAML based federated authentication systems including:

  • Microsoft Active Directory Federation Service(ADFS)/Azure
  • GSuite
  • Shibboleth
  • OpenAthens
  • Ping Identity
  • Okta
  • OneLogin
  • SailPoint

Learn more: SeamlessAccess podcast series

SeamlessAccess, a one-step, streamlined access service born out of the RA21 initiative last June, uses federated identity as its authentication process to allow researchers to access content from different publishers at any place or time—not just when they’re using their institution’s IP address. Sounds simple, right? Not exactly...

In this 4-part podcast series, Laird Barrett, Digital Product Manager at 50¶È»Ò joins Heather Flanagan, Program Director at SeamlessAccess.org, to discuss a range of topics.

Definition of terms

Single sign-on, Federated access, Shibboleth, OpenAthens, RA21, SeamlessAccess.org: What’s the difference between all of these things? Well, we want to share with you a list of terms and their definitions to help clear up any confusion. 

Single sign-on

A broad term for using a single credential to log in to multiple systems and websites

Federated access or Federated identity

A form of single sign-on that allows users to use a single credential to authenticate across multiple enterprises’ systems and websites (e.g. using your university credential to log in to 50¶È»Ò Link, ScienceDirect, Wiley Online, etc.)

SAML-based access

A technical term for federated access. The message we send from the 50¶È»Ò Service Provider to the institution’s Identity Provider are in Security Assertion Markup Language (SAML).

Federations

Country-level organisations that institutions and publishers can join to facilitate the exchange of metadata between the two that underlies the federated access method. There is a global federation called EduGAIN that country-level federations are members of and which facilitates the exchange at a global level for those who opt-in. 50¶È»Ò is a member of several country-level federations and we send our metadata to EduGAIN.

Shibboleth and OpenAthens

Software solutions that facilitate the federated access method. Institutions normally use one software or another and some publishers will prompt users down one path or another. OpenAthens also acts as a non-country federation.

RA21 (Resource Access in the 21st Century)

An industry group that issued a recommendation to implement an improved experience of federated access across publishers’ sites. This new user experience of federated access introduced a consistent call-to-action to initiate the access method across sites and once a user has done so once, their institutional selection would be persisted in their browser. This provides the user with a shorter and easier experience as they bounced between publisher’s sites. 

SeamlessAccess

The group implementing the services that enable the RA21 recommendations. Only 50¶È»Ò on nature.com and the American Chemical Society have rolled out the SeamlessAccess experience of federated access so far. SeamlessAccess does NOT replace federated access, it’s a new user experience of federated access.