Authentication 101

Author: Syd L. Stephenson, Technical Services & Systems Librarian, Thurgood Marshall State Law Library

For law librarians who work outside the realm of systems administration and electronic resource management (ERM), resource authentication can sound like an overly complicated topic best left to the techy library folks and the IT department. However, authentication plays a central role in ensuring that the community you serve can easily access the resources they need.

It is important for every library staff member to have a general understanding of resource authentication, whether you’re working in public law reference, an administrator weighing what resources the library should acquire, or teaching 1Ls the basics of legal research.

Authentication at its most basic level refers to the technology utilized to allow users to access an electronic resource. Authentication methods ensure that your users have secure, consistent, and convenient access to your library’s resources.

There are a variety of authentication methods you may encounter with library resources, and the types of authentication methods employed may vary by library type. Described briefly below are a few of the common authentication methods you may encounter in law libraries. Vendors will often work with libraries to implement a combination of these authentication methods for their eResources. For example, when I worked in academic law libraries, students were able to access West Academic Digital Study Aids through IP-based authentication (in-library use), single sign-on for off-campus use, and through individual institutionally verified user accounts.

IP-based authentication allows users who are within a specified IP range or specific IP address to access electronic resources. This may vary based on the size of your organization and who should have access to a specific resource.

Resources that require users to be either physically in the library or on an organization’s network are usually IP-authenticated. For instance, a government law library may require users to be physically in the library to access resources such as Westlaw Public Access or HeinOnline.

Single sign-on (SSO) is a federated authentication method that allows you to access a variety of resources using the same set of credentials. For instance, SSO in academic law libraries allows students, faculty, and staff to access eResources through their university network credentials (usually school email and password).

SSO allows users to access library eResources even when they are not physically present in the library. SSO also saves users from having to make a separate account for every platform the library offers. If you are interested in learning about the SSO authentication and authorization process that makes this possible, Cloudflare has a great article explaining how SSO works.

SSO is often enabled for library resources through products/service providers such as OCLC’s EZproxy or Microsoft.

Top Tip: Some service providers like EZproxy may require a “starting point” URL for each eResource to enable the SSO process. In your databases list, the link to each resource needs to include the prefix in front of the resource’s own URL for users to get access through SSO. You wouldn’t just be able to Google HeinOnline and automatically have access, for instance.

(For example: https://login.madeupproxy.institution.edu/login?url=http://totallyrealdatabase.org)
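The sketch below is an added example, not part of the original article or any vendor's code. It shows how a databases list could choose between the IP-based route and the starting-point URL described above. The IP ranges are constructed documentation addresses, the proxy prefix and database URL are the article's made-up ones, and every function and variable name is hypothetical.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample values: documentation-only IP ranges, plus the made-up
# proxy prefix and database URL from the article's own example.
LIBRARY_NETWORKS = [ipaddress.ip_network(n)
                    for n in ("192.0.2.0/24", "2001:db8:10::/48")]
PROXY_PREFIX = "https://login.madeupproxy.institution.edu/login?url="


def in_library_range(client_ip):
    """Return True only if the address parses and sits in a library range."""
    try:
        addr = ipaddress.ip_address(client_ip.strip())
    except ValueError:
        return False  # unparseable input is never treated as on-site
    # An IPv4 client can show up as ::ffff:a.b.c.d; compare it as IPv4.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in LIBRARY_NETWORKS)


def starting_point_url(target):
    """Prefix a resource URL so the proxy can run the sign-on first."""
    parts = urlsplit(target)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError(f"not a usable resource URL: {target!r}")
    return PROXY_PREFIX + target


def access_route(client_ip, resource):
    """Pick how a patron reaches a resource: (route, url_or_None).

    client_ip should be the address of the network connection itself,
    not a value the browser supplies.
    """
    methods = resource["methods"]
    if "ip" in methods and in_library_range(client_ip):
        return ("direct", resource["url"])
    if "sso" in methods:
        return ("sso", starting_point_url(resource["url"]))
    if "account" in methods:
        return ("account", resource["url"])
    return ("in-library-only", None)


STUDY_AIDS = {"url": "http://totallyrealdatabase.org",
              "methods": {"ip", "sso", "account"}}
PUBLIC_ACCESS = {"url": "http://totallyrealdatabase.org", "methods": {"ip"}}
```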

Resource-specific account authentication is the most basic authentication method: users sign into an account set up for that specific user for a specific electronic resource. For example, students at law schools generally have their Westlaw accounts created for them. They must sign in with a user ID and password specific to Westlaw that is separate from the credentials they use for university accounts.

Resource-specific account authentication typically does not require a user to be within the library’s IP range to access a resource.

Authentication methods for these resource-specific accounts can vary and include:

  • User ID and password.
  • Requiring the input of a one-time passcode (OTP) each time a user signs into their account (the OTP is often sent to the user via the phone number or email designated on their account).
  • Multi-factor authentication (e.g., requiring sign-in confirmation through an authentication app such as Duo, Microsoft Authenticator, or Okta after entering user ID and password).

Top Tip: Resources that can be authenticated through individual user accounts may require the use of a verified institutional email. West Academic Study Aids are a prime example. I had many students in my academic law library days attempt to use their Gmail instead of their university email address without being able to access their study aids because their email wasn’t institution-verified.

Another key component of resource authentication is making sure to communicate clearly who can access a resource and how it can be accessed. Many libraries accomplish this by providing a brief note in plain, non-jargony language under each resource on their databases list.

For example, at the Thurgood Marshall State Law Library, we have the note “This resource requires you to be in the library to use it” for our resources that utilize IP-based authentication.

Setting up an authentication method for an electronic resource may require working with multiple groups. Setting up SSO for a resource, for example, could require facilitating contact between multiple service providers, the resource’s development team, your IT department, and your systems librarian. Each of these key members will be handling a specific, complicated piece of the puzzle necessary to create stable authentication.

If you’re unsure of where to start or what authentication methods are being utilized at your library, setting up a meeting with your library’s systems administrator is an excellent way to learn more!
