OpenAthens LA support ended on 31 March 2020


Skip to end of metadata
Go to start of metadata

What is OpenAthens LA?

OpenAthens LA (Local Authentication) enables your users to access resources in a federation. It interacts with your local data repository and authentication systems so that existing user credentials can be used.

In federation terms, OpenAthens LA is an Identity Provider, or IdP, and the role of an IdP in a federation is to identify to Service Providers (SPs) that the user who has tried to access that SP is from that IdP's organisation.

Unlike other IdP software, OpenAthens LA has two main components, the Runtime and the Administration Console. The Runtime performs authentications and exchanges messages with SPs. The Administration Console is a graphical user interface (GUI) used to configure the Runtime and access statistics, diagnostics and auditing information.

Should my organisation use it?

Maybe. It depends.

If you want the convenience of using users' existing credentials, e.g. in LDAP or ActiveDirectory, but do not wish to install (or cannot install) IdP software locally, you should instead consider the local directory integration options offered by our hosted option, OpenAthens MD. See: OpenAthens MD LDAP connector

If you cannot use the local directory integration options of OpenAthens MD for any security or infrastructure reasons (e.g. you need to keep all user details entirely within your own network, or your directory cannot accept connections from outside of your network), then OpenAthens LA is the better choice.

If you are currently using anything such as Shibboleth, then OpenAthens LA would be considered an upgrade in terms of functionality and ease of maintenance.


  • No labels