Glossary
This glossary of terms will help to explain acronyms, terms and phrases encountered in our industry. By breaking down these terminologies we aim to enable you to make an informed choice about the products and services that could benefit your institution or library.
Active Directory Federation Services (AD FS) | A Microsoft product used to enable federated identity and access management, extending single sign-on (SSO) beyond a single network or enterprise boundary to other applications. |
Administrator/Admin | Often used to describe the person(s) responsible for managing or configuring a product or service e.g. issuing usernames and passwords to patrons. |
API – ‘Application program interface’ | A mechanism which enables two applications, services or components, to communicate with each other using a set of definitions and protocols. |
Attributes | Information about a user sent from the identity provider. Also referred to as Claims. |
Authentication | The process of identifying an individual, usually based on a username and password. Authentication verifies that the individual is who they claim to be but says nothing about their access rights (see authorization). |
Authorization | The process of granting or denying access to a protected product or service. |
Claims | Information about a user sent from the identity provider. Also referred to as Attributes. |
Deep-link | A link to a specific piece of content, whether that’s an article, book chapter, image, or other resource. |
Directory | A system which stores and manages user accounts which typically includes member information such as, name, department, or email address. Typically, the primary data source when authenticating users. |
Discovery service (content) | A web service which allows you to search many different online resources at the same time. |
Discovery service (organization) | A service which helps the user identify their organization so the service provider can send them to their single sign-on system. Also referred to as a WAYF. |
Document delivery | A service which helps you purchase access to a specific document (the same term is used for physical document delivery) which is unavailable in an organization’s library. |
Domain | A name which represents an organization on the internet e.g. openathens.net |
Entitlement | Often referred to by service providers as their entitlement system, subscription record, or access control system. Used to manage the content an organisation subscribes to. Also used to refer to a specific SAML attribute used by some services. |
Federated access management | Extends the use of single sign-on beyond your organisation using the protocols and policies provided by a federation. |
Access management federation | A group of identity and service providers adhering to a set of protocols and policies which create a framework enabling access to online content in one place. |
Identity provider | An organization which manages user identities and subscribes to online content. Also refers to the single sign-on system carrying out the authentication of users and facilitates your access to online content. This is what we do at OpenAthens. |
IP address | A numerical reference (For example, 123.123.123.0) which identifies the location of a web-connected device on a network or on the internet. |
IP authentication | A term originally derived when it was possible to obtain a reasonable degree of assurance that an IP address range represented an organization. While that is still the case for some organisations, it has become a less reliable access management method in recent times. Also referred to as IP recognition. |
IP range | A set of IP addresses used by a particular institution, organization or country. |
Link resolver | Software which helps libraries connect users to content. |
OpenAthens | That’s us! We make accessing knowledge through a single sign-on easy. |
OpenAthens Federation | An international access management federation run by OpenAthens which is available to any organization in any sector. |
Open source | Software designed to be available, used and modified by anyone. |
Open Access | A publishing model which allows online journal articles, books and other material to be freely available without a subscription. |
Proxy service | Software which rewrites web content in order to facilitate access to subscription-based content, commonly using IP addresses for authorization. |
Redirector | The OpenAthens Redirector is a tool which allows librarians to add a consistent prefix to content links. When this link is followed, the redirector works out the best way to get the user there. This negates the need to manage separate links for on-site and off-site access, or work with complicated 'WAYFless URLs'. |
Remote access | Gaining access to a library’s electronic collection, no matter where the user is based. |
SaaS – ‘Software as a service’ | Solutions which provide access to software through a web browser. This reduces the requirement to install and manage software on a computer locally. |
SAML | A method of establishing trust and sharing secure information between identity providers and service providers. |
Scope | An organization identifier often used by service providers to authorize access for users. Usually derived from their entityID. |
Service provider | An organization which provides content and/or services. |
Shibboleth | Open-source software for organizations to enable federated access and single sign-on to online applications. |
SSO – ‘Single sign-on’ | A process which grants access to multiple systems via a single set of login details |
UX – ‘User experience’ | A user’s impression of the design, and ease of use, of a website while using it. |
User journey | In OpenAthens, we use this term to refer to the user experience between their starting point and their destination. |
VLE – ‘Virtual learning environment’ | An online service for institutions which gives access to a range of learning resources, including learning course information and study content. |
VPN – ‘Virtual private network’ | Software which provides secure remote access to an organization’s network. |
WAYF – ‘Where are you from’ | A service which helps the user identify their organization so the service provider can send them to their single sign-on system. Also referred to as an Organization discovery service. |
WAYFless URL | A link which provides users with a direct route to content via their organization’s single sign-on system. The URL includes a parameter specifying the identity provider’s entity ID, so the user is not required to navigate the service provider's WAYF. |
Download a copy of our glossary
Printable version
Download an A3 version of our glossary to print and share.
Infographic version
Download our glossary infographic and share with colleagues.
Looking for more helpful resources?
Check out our customer tools page. You’ll find all the useful links related to our products and services in one place. Service status page, documentation, and more!