Enable end-user sign in (for non-WorldShare Management Service libraries)
- Last updated
-
-
Save as PDF
Learn how to provide sign-in capability for users of WorldCat Discovery libraries to allow them to save searches and personal lists.
All WorldCat Discovery libraries can provide sign-in capability for their users. This enables users to save searches and personal lists. See Share records and create citations for more information.
To enable non-WMS logon options, register your library for end user logon capability. The OCLC implementation team will respond to the request and assist with configuration.
Institutions can select from the following implementation options:
- Create new accounts with an OCLC method that supports self-creation of authenticated accounts
- Use existing accounts with an OCLC link to your institution's existing authentication service, if it is compatible.
Authentication requirements
| Method |
Authentication requirements |
Additional information |
| LDAP |
- External-facing IP/server name accessible from outside your network
- Needs to be secure LDAP (LDAPS or LDAP with StartTLS)
- Ability to open firewall to list of OCLC IP addresses
- LDAP server must be running on port 636
- Root CA certificate from your LDAP server (if your certificate is self-signed or not issued by a major certificate authority). Implementation team will alert you if a certificate is required.
- Test account required
|
- Accounts are created automatically when patrons log in to Discovery for the first time
- Library staff can see patron accounts in WorldShare Admin (names and email addresses)
- Patrons are greeted with their first name in Discovery upon login
|
| CAS |
- Permit access from test and production OCLC URLs
- Supply CAS server URLs
- GET requests are not currently supported
- Test account required
|
- Accounts are created automatically when patrons log in to Discovery for the first time
- Accounts will work to authenticate patrons only. No patron name or email address will be visible with the account.
- Library staff will not be able to see patrons' names or email addresses in WorldShare Admin. All accounts will display as "Not Supplied" as the name.
- Patrons will not see their first names in Discovery upon login
|
| SAML (includes Shibboleth, AD FS, Azure, Google SAML, Okta, etc.) |
- SAML 2.0 or above
- Exchange or Shibboleth-related metadata between OCLC and your institution
- Persistent ID which will be presented from Assertion/Subject/NameID from your SAML response
OR
- If you cannot send a persistent ID in the Subject/NameID, provide the name of an attribute that can be set as a unique, persistent value
- Test account required
|
- Accounts are created automatically when patrons log in to Discovery for the first time
- Library staff can see patron accounts in WorldShare Admin (names and email addresses)
- Patrons are greeted with their first name in Discovery upon login
For Azure only:
- Accounts will work to authenticate patrons only. No patron name or email address will be visible with the account.
- Library staff will not be able to see the patrons' names or email addresses in WorldShare Admin. All accounts will display as "Not Supplied" as the name.
- Patrons will not see their first names in Discovery upon login
|
| User self-registration (without a connection to an authentication system) |
- You must require a specific, unique value from each patron (could be an institutional username, barcode, student ID, or email address); this value will be used by patrons when logging in.
|
- Library staff can see patron accounts in WorldShare Admin (names, usernames, and email addresses)
- Patrons are greeted with their first name in Discovery upon login
- Not recommended for libraries considering a move to WorldShare Management Services (WMS)
|
Note: These logon options are not available to Group Catalogs using WorldCat Discovery.
