Skip to main content
OCLC Support

Patron access and authentication

Find options for patron authentication in Relais D2D.

Prior to using Discovery, patrons must be authenticated.  Two options for authenticating are:

  1. Authenticate against an institution system
  2. Use the Relais Login page

 Note: Login and Password combinations created in the Relais patron and library records are case-sensitive.

Authenticate against an institution system

For example authentication against a local LDAP server.  This process is done outside of Relais.  Once the patron is authenticated then the credentials are passed over to Discovery via an OpenURL

If NCIP is enabled:

Relais uses the patron credentials from the OpenURL to do a lookup in the local library system, if NCIP is enabled.  

It is critical that If using NCIP the credentials passed through in the OpenURL can be used in the Lookup User message to be sent to the local library system. Options include:  

Tag Description
PI Patron ID
PS  Patron surname
UL User login
UP User password
RK Record key
  • Any of the above values may be encrypted prior to including them in the OpenURL.
  • Alternatively you may use the Relais Authentication service to generate an 'aid' to include in the OpenURL
  • See Security in Relais for more information.

If NCIP is not enabled then the patron lookup is done in Relais. 

Use the Relais Login page

If authentication against an institution system is not possible, then use the Relais Login page.  

If NCIP is enabled, then the Lookup User message is used to confirm the patron exists in the local library system and to retrieve the necessary patron information.  

If NCIP is not enabled, then the corresponding patron record is retrieved from the Relais database.  This requires that patron records are pre-loaded in Relais.  

 Note: Login and Password combinations created in the Relais patron and library records are case-sensitive.

Aid and session time out

Irrespective of which option is used to authenticate the patron and access Relais D2D, Relais assigns a unique session specific 'aid' (authorization id).  This 'aid' is constantly checked by the Relais Authorization service to confirm that the patron's session is still active.  If the service determines that the configured timeout period has elapsed with no activity then the patron is 'logged' out and by default the following message displays:  PUBRS003:  Invalid aid.  Each library can specify the preferred page to which the patron should be directed.  See Configure Discovery for more information.

 Note:  By default the session time out is 10 minutes.  A different time out length can be configured.  Please contact your local Relais D2D Administrator.  Please note that the session time out is a system level configuration, i.e., it cannot be configured separately by each member library.  

Using ILLiad for request management

For libraries that use ILLiad for request management then authentication is done using a 'dummy' patron record.  This patron record is configured as part of your initial Relais D2D implementation and is included in the url that calls Relais Discovery.  For example:  http://borrow.relaisd2d.com/service-proxy/?command=mkauth&LS=RELAISPATRON&PI=RELAISPATRON