Please allow me to add something to this discussion.
"The university students and staff are free to use personalisation at Lexis Nexis, Elsevier, EBSCO, ProQuest services if they want to so eduPersonScopedAffiliation (required) eduPersonEntitlement (required) eduPersonTargetedID (optional)..."
The students and staff can only use personalization when the IdP releases ePTID (or pairwiseID), otherwise they can't. I am not sure that this is clear from the metadata nor that the labels we use to describe the required attributes are very clear on what 'optional' means.
For example, when a student accesses ScienceDirect they can read subscribed articles whether or not ePTID has been released for them, but if they want to 'create account' because they would like to save searches, alerts or their search history, they can only do that if the IdP has released a persistent identifier for them. Otherwise they can't, because there's nothing in their SAML assertions that allows us to recognize the returning individual. So we are working towards requiring a persistent ID. The personalization remains optional for the user.
That may not be the same for other SPs, but it is valid for Elsevier.
Kind regards, Meshna
Meshna Koren
Product Manager II Product Management - Identity and Access - Research Products
Elsevier BV Radarweg 29, Amsterdam 1043 NX, The Netherlands m.koren@elsevier.commailto:m.koren@elsevier.com
Federated Access - SAML, Shibboleth, Corporate SSO, OpenAthens, Institutional Login
Elsevier Access Support Center: https://service.elsevier.com/app/answers/list/c/10543/supporthub/elsevieracc... for your questions about which access methods does Elsevier support, how to set them up, how do they work for users...
From: FIM4L fim4l-bounces@lists.daasi.de On Behalf Of Jiri Pavlik Sent: Sunday, March 14, 2021 15:28 To: Bernd Oberknapp bo@ub.uni-freiburg.de Cc: fim4l@lists.daasi.de Subject: Re: [Fim4l] LexisNexis Advance
*** External email: use caution ***
Hi Bernd,
I see, eduPersonScopedAffiliation (required) eduPersonEntitlement (required) is working for Freiburg University and eduPersonScopedAffiliation (required) eduPersonEntitlement (required) eduPersonTargetedID (required) is not.
The university students and staff are free to use personalisation at Lexis Nexis, Elsevier, EBSCO, ProQuest services if they want to so eduPersonScopedAffiliation (required) eduPersonEntitlement (required) eduPersonTargetedID (optional) is working for the University as well.
Is it correct?
All the best
Jiri
On Sat, Mar 13, 2021 at 2:40 PM Bernd Oberknapp <bo@ub.uni-freiburg.demailto:bo@ub.uni-freiburg.de> wrote: Hi Jiri,
On 13.03.21 09:15, Jiri Pavlik wrote:
When checking ProQuest SP for ProQuest Central in DFN-AAI metadata [1] I can see both eduPersonEntitlement and eduPersonTargetedID as required attributes.
I assume you mean the SP https://shibboleth-sp.prod.proquest.com/shibbolethhttps://nam03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fshibboleth-sp.prod.proquest.com%2Fshibboleth&data=04%7C01%7Cm.koren%40elsevier.com%7C6e4331c4f2e9492ecac708d8e6f57616%7C9274ee3f94254109a27f9fb15c10675d%7C0%7C0%7C637513289679030704%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=XSnyWQyJJ%2Fp4rroaY0U%2Fsg9H%2FOp8Q%2FxuLZTpBi%2F52C0%3D&reserved=0? That's obviously wrong, both eduPersonScopedAffiliation and eduPersonEntitlement are supported for authorization, but as far as I can tell you don't have to use them, and eduPersonTargetedID isn't required.
Is it safe to assume that if there is personalisation capability at a library service then all German universities, libraries are fine with releasing eduPersonTargetedID for recognising returning users and eduPersonEntitlement, eduPersonScopedAffiliation for authorisation?
No. I can't speak for other IdPs, but in my opinion that approach would be wrong, users by default should be able to use services anonymously, without being recognized as a returning user. Based on what I can see in the admin tools, only a very small percentage of our users actually uses the personalization features, so releasing eduPersonTargetedID by default just for personalization isn't an option. If publishers would force us to send an eduPersonTargetedID just for personalization I would consider dropping Shibboleth for those publishers and using our EZproxy instead.
Best regards, Bernd
-- Bernd Oberknapp Gesamtleitung ReDI
Albert-Ludwigs-Universität Freiburg Universitätsbibliothek Platz der Universität 2 | Postfach 1629 D-79098 Freiburg | D-79016 Freiburg
Telefon: +49 761 203-3852 Telefax: +49 761 203-3987 E-Mail: bo@ub.uni-freiburg.demailto:bo@ub.uni-freiburg.de Internet: www.ub.uni-freiburg.dehttps://nam03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.ub.uni-freiburg.de%2F&data=04%7C01%7Cm.koren%40elsevier.com%7C6e4331c4f2e9492ecac708d8e6f57616%7C9274ee3f94254109a27f9fb15c10675d%7C0%7C0%7C637513289679040698%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=Iq0reY93gKAa%2BhnY%2F5zsojsLKdQIOqdTHM3DkTtDb70%3D&reserved=0
________________________________
Elsevier B.V. Registered Office: Radarweg 29, 1043 NX Amsterdam, The Netherlands, Registration No. 33158992, Registered in The Netherlands.