This is becoming an increasing occurrence with vendors and licensed resources. ArtStor and JStor (hosted by Ithaka) are doing the same thing, and our licensing team has found it frustrating and ineffective to attempt to remedy this via license negotiation and enforcement. I have also had to get our General Counsel involved with vendors that have enticed our users to sign up with their university credentials into "free" or freemium access. It is becoming persistent, and sometimes flagrant, issue.
Tim
Tim McGeary
Associate University Librarian for Digital Strategies and Technology
Duke University Libraries
tim.mcgeary@duke.edumailto:tim.mcgeary@duke.edu
Google/Skype/Twitter: timmcgeary
The Duke University Libraries value diversity of thought, perspective, experience, and background and are actively committed to a culture of inclusion and respect.
________________________________ From: FIM4L fim4l-bounces@lists.daasi.de on behalf of Peter Schober peter.schober@univie.ac.at Sent: Friday, October 9, 2020 10:22 AM To: fim4l@lists.daasi.de fim4l@lists.daasi.de Subject: Re: [Fim4l] Fwd: InCites now requires users to supply email address and create a new set of credentials
* Heather Flanagan hlf@sphericalcowconsulting.com [2020-10-09 15:54]:
I’m not sure if you’re asking a question about what Clarivate is doing, if you’re asking if anyone has knowledge of other similar patterns, or if this is just an FYI?
What Davide described to me more sounded like, well, almost like a breach of contract:
Institutions have been releasing limited data to the service provider ("attributes", via "identity federation") to signal to the service provider that a person should be permitted to access resources under an institutional license. It is my understanding that has been working for many years, same as with dozens and hundreds of other services.
Now (or since whenever this was changed) members of those same instiutions are promoted/forced to register a local account even after successfully completing the federated login! So remote access (via federation) is now broken -- it is no longer sufficient to provide access -- unless one registers Yet Another Account.
On top of that, experience suggests that a significant percentage of those subjects will then enter (i.e,, "re-use") their *institutional* credentials (passwords) when forced to register for a local account at gunpoint -- a process only made worse by the connection/assotiation with the familiar/"safe" federated login process that just happened.
Does the above provide sufficient reading-between-the-lines for folks here to raise some eyebrows?
-peter _______________________________________________ FIM4L mailing list FIM4L@lists.daasi.de https://urldefense.com/v3/__http://lists.daasi.de/listinfo/fim4l__;!!OToaGQ!...