RE: OpenAthens doppelgänger ?

Wessel, Keith kwessel at
Fri Dec 3 22:30:33 UTC 2021

Depends on how many of your users are using discovery interfaces that list both as well as what the display name is for the OpenAthens entity. At the least, this sounds like an opportunity to make a friend at whichever of your campuses’ libraries is the contact for your OpenAthens configuration. It’s definitely a teachable moment.


From: users <users-bounces at> On Behalf Of IAM David Bantz
Sent: Friday, December 3, 2021 4:27 PM
To: Shib Users <users at>
Subject: OpenAthens doppelgänger ?

I haven’t been paying enough attention to OpenAthens. I just realized there is an OpenAthens federated identity provider from a for-profit organization with an entity ID and scope referring to my institution. That seems to mean that consumers of information from the OpenAthens IdP may conclude, informally from the entity ID, and more correctly based on the scope, that the assertion is about a member of my institution. As I say, I haven’t paid enough attention to OpenAthens, so maybe I need some ’splaining, but this seems to me wrong on many levels. Is it? How concerned should I be?

<md:EntityDescriptor … entityID="<;!!DZ3fjg!ss-gBE2VLSfEpyRTMYK5VOFdx_pSW4e5k8U7hArZhtkos3tYM5uHlFUeBd-KTek2sw$>”>
…<shibmd:Scope regexp=“false"><;!!DZ3fjg!ss-gBE2VLSfEpyRTMYK5VOFdx_pSW4e5k8U7hArZhtkos3tYM5uHlFUeBd8wANqQ8g$></shibmd:Scope>

<EntityDescriptor … entityID="<;!!DZ3fjg!ss-gBE2VLSfEpyRTMYK5VOFdx_pSW4e5k8U7hArZhtkos3tYM5uHlFUeBd8wANqQ8g$>">

… <shibmd:Scope regexp="false"><;!!DZ3fjg!ss-gBE2VLSfEpyRTMYK5VOFdx_pSW4e5k8U7hArZhtkos3tYM5uHlFUeBd8wANqQ8g$></shibmd:Scope>

David St. Pierre Bantz
University of Alaska (<;!!DZ3fjg!ss-gBE2VLSfEpyRTMYK5VOFdx_pSW4e5k8U7hArZhtkos3tYM5uHlFUeBd8wANqQ8g$> !)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list