Page tree
Skip to end of metadata
Go to start of metadata

OpenAthens Cloud is our hosted Service Provider option. It is middleware that allows an OpenID Connect Relying Party to be used in SAML federations without the need to understand SAML. As long as your OpenID Connect relying party meets the basic requirements there should be no problem using it with OpenAthens Cloud.

See also: What is OpenAthens Cloud

Basic OpenID Connect requirements

Whichever OpenID Connect client, plug-in or framework you are using, it...


  • be OpenID Connect based on OAuth2 rather than plain OpenID.
  • support daily key rotation
    • i.e. the keys published at our jwks endpopint will change every 24 hours. This is usually handled automatically by whichever OpenID Connect framework you are using. 


  • support multiple providers so that OpenAthens Cloud can be used alongside other OpenID Connect login options you want to provide.

What would you like to do today?

  • No labels