[Fim4l] Fwd: InCites now requires users to supply email address and create a new set of credentials

Jos Westerbeke jos.westerbeke at eur.nl
Mon Oct 12 09:22:09 CEST 2020 

Hello Davide,

Thanks for joining and for your email.

Things are coming together at a perfect timing I guess. We're almost ready to publish the final version of FIM4L Principles & Recommendations.

The idea is that libraries worldwide can refer to a common accepted document which describes how we (libraries) want to establish federated SSO connections with publishers.

Since a few weeks we have a new website where you can find this document: https://www.fim4l.org/?page_id=257 

But be patient: I'll send an announcement to this list, probably by the end of this week, with a new graphical update of the FIM4L Principles & Recommendations.

When all things ready, the official published document will be backed by Europe LIBER libraries (400+) and may be of great value for you to refer too by speaking with publishers.

All the best!
Jos

Jos Westerbeke
Library IT Specialist / Demandmanager  | Erasmus University Rotterdam | Burgemeester Oudlaan 50, Library | 3062PA Rotterdam | jos.westerbeke at eur.nl | +31 640295513
 
 
Op 09-10-20 16:43 heeft FIM4L namens Davide Vaghetti <fim4l-bounces at lists.daasi.de namens davide.vaghetti at garr.it> geschreven:

    Hello Heather,
    
    On 09/10/20 15:54, Heather Flanagan wrote:
    > Hello and welcome, Davide!
    > 
    > I’m not sure if you’re asking a question about what Clarivate is doing,
    > if you’re asking if anyone has knowledge of other similar patterns, or
    > if this is just an FYI?
    > 
    
    Yes, good point. Well, the thing is that Clarivate's behavior is the
    exact opposite of the FIM4L recommendations, so I'd like the advice of
    this community in how to deal with this Publisher and possibly doing it
    not alone.
    
    As Peter was pointing out, Clarivate's additional registration flow is
    breaking federated access and probably some contracts and privacy law as
    well, but I'd prefer to restrain from the legalities at least until it
    strictly necessary. Not to count that IDEM, as other identity
    federations, are not direct parties in this type of contracts.
    
    Cheers,
    Davide
    
    > Heather Flanagan — Translator of Geek to Human
    > https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fsphericalcowconsulting.com%2F&data=02%7C01%7Cjos.westerbeke%40eur.nl%7Cec8e9e7e9a91475f9de008d86c619b2b%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637378514315287569&sdata=ovaeYQk9zvqBzPynK7y2MDKI2X1ikf7Aoyxb2gvHWz0%3D&reserved=0
    > On Oct 9, 2020, 2:45 AM -0700, Davide Vaghetti
    > <davide.vaghetti at garr.it>, wrote:
    >> Hello everyone,
    >>
    >> I've sent this message to the FOG mailing list about Clarivate's InCites
    >> additional registration flow, but some Colleagues suggested that FIM4L
    >> would have been a better venue for the topic.
    >>
    >> Regards,
    >> Davide
    >>
    >> -------- Forwarded Message --------
    >> Subject: InCites now requires users to supply email address and create a
    >> new set of credentials
    >> Date: Wed, 7 Oct 2020 19:18:52 +0200
    >> From: Davide Vaghetti <davide.vaghetti at garr.it>
    >> To: fog at lists.refeds.org
    >>
    >> Hello everyone,
    >>
    >> some IdP admins and Librarians alerted us about Clarivate's InCites
    >> requiring an additional users registration after the Institutional
    >> login. The flow is similar to what Elsevier introduced in sciencedirect,
    >> but then rolled back, last year:
    >>
    >> - it starts on https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fincites.clarivate.com%2F&data=02%7C01%7Cjos.westerbeke%40eur.nl%7Cec8e9e7e9a91475f9de008d86c619b2b%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637378514315287569&sdata=9hMtWuW25Dw6Yjjs3F3oGq48q6rJvx%2FDpsbx63FYPrg%3D&reserved=0
    >> - a user select "Sign in" and then "Institutional (Shibboleth) Sign In"
    >> - once the authN flow is finished, the user is requested to register an
    >> email address and then to set a password to access InCites
    >>
    >> As in the case of Elsevier, the above has not been anticipated in any
    >> way from Clarivate, which so far was letting users in with just a
    >> transient nameid and ePSA.
    >>
    >> Regards,
    >> Davide
    >> --
    >> Davide Vaghetti
    >> Consortium GARR
    >> Tel: +390502213158
    >> Mobile: +393357779542
    >> Skype: daserzw
    >> _______________________________________________
    >> FIM4L mailing list
    >> FIM4L at lists.daasi.de
    >> https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.daasi.de%2Flistinfo%2Ffim4l&data=02%7C01%7Cjos.westerbeke%40eur.nl%7Cec8e9e7e9a91475f9de008d86c619b2b%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637378514315287569&sdata=Pk1uf0zSFCUACtQ8k%2BtHGq0Upv%2F5SQhN9%2BgdP%2F5xfwM%3D&reserved=0
    
    -- 
    Davide Vaghetti
    Consortium GARR
    Tel: +390502213158
    Mobile: +393357779542
    Skype: daserzw
    _______________________________________________
    FIM4L mailing list
    FIM4L at lists.daasi.de
    https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Flists.daasi.de%2Flistinfo%2Ffim4l&data=02%7C01%7Cjos.westerbeke%40eur.nl%7Cec8e9e7e9a91475f9de008d86c619b2b%7C715902d6f63e4b8d929b4bb170bad492%7C0%7C0%7C637378514315287569&sdata=Pk1uf0zSFCUACtQ8k%2BtHGq0Upv%2F5SQhN9%2BgdP%2F5xfwM%3D&reserved=0

More information about the FIM4L mailing list