Research Institutions → Enabling Institutional Sign-In for your Researchers to their ORCID Accounts
In 2016, ORCID signed an agreement with SURF to enable all researchers at SURF and eduGAIN member institutions to access the ORCID registry using the same credentials they use to log into their university accounts.
By default, all eduGAIN member institutions are listed in the “Institutional Account” drop-down menu on the ORCID sign-in page. For this functionality to work, eduGAIN member institutions must configure and support institutional sign-in within their own systems. Please note that if your institution does not already have the configuration set-up, it will still be listed. This will lead to error messages being delivered to the researcher (although they can still sign-in using their ORCID sign-in credentials). If the institutional sign-in process is successful for the researcher, the authorisation will be listed in “Account Settings” under “Alternate sign in accounts”.
This feature is available to all SURF and eduGAIN member institutions and is not an ORCID consortium member benefit. When users connect their institutional account to their ORCID iD in the institutional sign-in process, no information is sent to the institution from ORCID. It is an alternative sign-in process for the researcher only and does not provide the institution with any additional permissions to read/write etc. However, as part of the process of developing member integrations and rolling out ORCID within your institution, it is important to ensure that this part of the researcher experience is working without error.
This documentation is for those responsible for configuring and supporting institutional sign-in within their institution’s systems.
If you are new to this, you may want to review the materials on Federations 101 developed by the AARC (Authentication and Authorization for Research and Collaboration) Project.
ORCID IS A SERVICE PROVIDER
At this time, the only Identity Provider (IdP)-dependent service that ORCID provides is institutional Single Sign On (SSO) for the user. Institutions must be listed by the discovery service for this to be available as an option for users.
SPECIFICS ON ORCID’S CLASSIFICATION
Available in the Metadata Explorer Tool (MET)
ORCID requires a locally unique, persistent, non-reassignable identifier to link an institution account to an ORCID account. Specifically, any of the following identifiers will be accepted for this purpose:
What about eduPersonPrincipalName (ePPN)?
ORCID will use the following attributes if provided by the institution, but none are required for the SSO service to work.
Note: The visibility of items added to ORCID records is determined by the individual researcher on the ORCID site. The researcher may delete added items at any time.
ORCID IN THE EDUPERSON SCHEMA
As per the eduPerson specification:
DESC ‘ORCID researcher identifiers belonging to the principal’
SYNTAX ‘126.96.36.199.4.1.14188.8.131.52.15’ )
Further information about the format of the ORCID iD can be found in Structure of the ORCID identifier.