Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Organisation search

When the AP does not know is not told by the resource where the user is from they can search for their organisation. This search is towards the right or the bottom depending on your browser's resolution and orientation.

This is only necessary when the AP doesn't already know where the user is from AND the site is using local authentication. When the organisation has been pre-selected at a resource, this part of the page does not appear as the AP has already been told where the user is from. It also does not appear if the user successfully authenticated at a delegated login such as ADFS the last time they were seen.

Organisation identifier

When the AP knows where a user is from, the organisation logo can be displayed above the login area. If If the organisation is selected by discovery at a resource though, or the user is following a wayfless URL, the search section is not necessary so is omitted:

Image Added

This version of the page has some additional text options under the domain preferences and if you are using a delegated login such as SAML or ADFS, the behaviour is a little different.

When the AP isn't told this useful bit of information by the resource but remembers where a user was successfully authenticated last time, the organisation logo is displayed above the login area (or if you're using a delegated login as above, the user is sent there). If you're using something like LDAP or Sirsi, you'll see this and the user can enter their local credentials on the left:

Image Added

(If you have not uploaded a logo, the organisation name as set on the domain administrator's account is used. If this name is long, you may find that not all of it is visible.

Image Removed

If the organisation is selected by discovery at a resource, or a wayfless URL, the search section is not necessary so is omitted:

Image Removed

This version of the page has some additional text options under the domain preferences.

)

Help pages

There is a link below the sign in button that can help users. Here they can find the forgotten password function and organisation contact details.

...

  1. The user selected a home organisation at a service provider

    Because the AP has a unique address for each organisation, selecting your organisation at the service provider (or by a wayfless URL) will get the user to the AP in a known-organisation state so can go immediately to the correct authentication method. This will ignore any organisation the user has previously selected.

  2. The home organisation has been previously discovered and remembered by the AP.

    Both the first scenario OR a user using the search box can initiate this, but the location is not stored until the user successfully authenticates. The location is stored in a cookie, so will be affected by any circumstance that clears cookies such as being on a kiosk machine. The setting is also cleared if the user does not pass authentication (so that users who select the wrong organisation are not stuck forever) 

  3. The user is accessing a resource via the Redirector

    The redirector uses links that are specific to your OpenAthens domain so users will should always be recognised by the AP 

...

Can I connect local authentication systems to sub-organisations?

This is not workable usually desirable from a user experience standpoint because the pre-discovery scenarios described above can only direct users to the domain organisation, not a sub-organisation (not even one with a unique scope). Sub organisations that are found on the AP will show the local connectors that are set up Instead you should set up the connection at the domain organisation though and users can be mapped level and use the map to sub-organisation function - sub-organisations found at the AP will use this connection.

Which organisations can be found in the search box?

...