Authentication

Authentication: How To Enable Remote User Access

At Coherent Digital, we support four frictionless options for remote user access:
  1. Username & Password Authentication
  2. IP Authentication
  3. EzProxy 
  4. Shibboleth Authentication

Username & Password Authentication

Individual users or users associated with an insitutional membership can sign up for an account in any of our Commons. 


When they use an institutional email to register (in other words, an email address that matches their institution’s domain), their login will automatically be connected to the membership and give them full access from off-site or off-campus locations.


To sign up, visit any one of these sites.: 


Canada Commons: https://canadacommons.ca/accounts/signup/

Mindscape Commons: https://mindscapecommons.net/login

By registering on any one of these sites, your registration will work on the other sites (Mindscape Commons is excepted, this uses a separate registration system)


TCP/IP Authentication

To support TCP/IP address range authentication, we use the IP address ranges that are assigned to your institution at The IP Registry. If you should ever need to adjust these, simply edit your information at the registry and our system will automatically receive the update. If your institution wishes to use TCP/IP Address Range Authentication, and you are not currently listed in the IP Registry, you may add your address ranges to this registry for free.

The IP Registry

To use the IP Registry, follow these simple steps:

  1. Register for free with theIPregistry.org

  2. Confirm the IPs currently listed for your institution and affiliated sites.

  3. Communicate IP changes by adding or deleting IP addresses as necessary.

  4. If you are newly adding your institution to the registry, let Coherent Digital know at support@coherentdigital.net.

If you have any questions about using theIPregistry.org please see their FAQs or contact them at info@theIPregistry.org

EzProxy

If you use EzProxy for remote user access, then there is a database stanza you can install on your EzProxy for each Commons from the OCLC EzProxy support site.


Africa Commons Database Stanza

Mindscape Commons Database Stanza (* Mindscape Commons customers, see note below)

(*) Note: To complete the installation of an EzProxy stanza for Mindscape Commons, there is one additional step.  Coherent Digital needs to configure your proxy URL as an enabled site.  So please send the proxy URL to support@coherentdigital.net.  This will be the URL in the browser location bar after logging into Mindscape Commons via the proxy.  The URL will usually look something like "https://mindscapecommons-net.proxy.yourinstitution.edu".  This extra step applies to Mindscape Commons only.

Shibboleth/SAML Authentication 

At Coherent Digital, we support both Federated Shibboleth Authentication as well as ‘Bi-lateral’ metadata exchange.

Bi-lateral metadata exchange is used when the customer is not a member of a federation or Coherent Digital is not a member of the same federation.  For example this is how we support OpenAthens configuration.  This approach is also suitable for other SAML-based single-sign-on solutions like Microsoft Azure AD.

Currently Coherent Digital is a registered Service Provider at the following federations:

See our entry at REFEDs metadata explorer for up-to-date details.

Shibboleth Configuration

For Shibboleth Authentication, please provide the following to support@coherentdigital.net:

Federated Shibboleth Configuration:

  • Your EntityID

  • Your Federation


For Bi-lateral Metadata Exchange:

  • The URL of your Identity Provider metadata (or the metadata in XML format)


Coherent Digital’s Shibboleth Information:

WAYFless URLs

Once the shibboleth configuration is complete, the following Service-Provider-initiated URLs can be used to log your users into a product without having to encounter a ‘Where-are-you-from’ page.  These URLs are what you would use in your A-to-Z database menu for remote users:

Africa Commons
https://africacommons.net/start-session?entityID=your-entityID

Canada Commons
https://canadacommons.ca/start-session?entityID=your-entityID

History Commons
https://history-commons.net/start-session?entityID=your-enityID

Mindscape Commons
https://mindscapecommons.net/start-session?entityID=your-entityID

Policy Commons
https://policycommons.net/start-session?entityID=your-entityID

South Asia Commons
https://southasiacommons.net/start-session?entityID=your-entityID

Notes: Replace ‘your-entityID’ in the above URL with a URL-encoded version of your institution’s SAML Identity Provider entity ID.
These examples put the user in the product home page. The optional &target= parameter can contain any valid URL (encoded) at the destination product to place the user at a page other than the home page.  




    • Related Articles

    • Troubleshooting TCP/IP address range authentication

      This article outlines some information gathering that will help support identify solutions when a session fails TCP/IP range authentication. Are the TCP/IP Ranges on File Correct? Coherent Digital uses the IP ranges assigned to your institution in ...
    • Access to Monthly COUNTER Statistics

      Access to Monthly COUNTER Stats As Coherent does not yet have a library administration portal, we provide COUNTER5 reports through SUSHI using the service provider LibLynx.  SUSHI (Standardized Usage Statistics Harvesting Initiative) is an API that ...
    • Why we use TheIPregistry.org to maintain IP addresses

      Maintaining accurate IP addresses is a problem for the entire scholarly community. According to the IPRegistry.org, 58% of the IP ranges held by publishers to authenticate libraries who license their content are inaccurate. Apart from unlicensed ...
    • Terms of Use

      Terms of Use By using this website, the websites of Coherent Digital LLC, and their associated tools and services, you agree to the Terms of Use: 1. ADVISORY PLEASE READ CAREFULLY. These Terms of Use represent an Agreement between you ("User") and ...