Integrating the SeamlessAccess button

SeamlessAccess is a service designed to provide a simple and more streamlined experience for end users when accessing online resources. This page provides information on integrating the button element of the SeamlessAccess service with OpenAthens Keystone and Wayfinder.

For more information about the SeamlessAccess service see:

• About SeamlessAccess - https://seamlessaccess.org/about/
• SeamlessAccess technical documentation - https://seamlessaccess.atlassian.net/wiki/spaces/DOCUMENTAT/overview
• SeamlessAccess button code - https://seamlessaccess.atlassian.net/wiki/spaces/DOCUMENTAT/pages/84738197/Display+of+SeamlessAccess+Login+Button

Enabling integration of the SeamlessAccess button

These instructions are for the standard version of their button. An advanced version that may offer you more options is available but it is significantly more complicated.

1. Add the SeamlessAccess button code to your website per their instructions (see link above)

2. Modify the login button code to replace the loginInitiatorURL with your deep linking syntax, or if your site cannot support deep linking, your wayfless URL - see: WAYFless access and deep linking in OpenAthens Keystone if you do not already have these set up. This is the URL that will be followed when the button is clicked.

   XML

   <script>
   window.onload = function() {
     // Render the SeamlessAccess button
     thiss.DiscoveryComponent.render({
       loginInitiatorURL: 'https://REPLACE_THIS_WITH_YOUR_LINK/ETC/',
     }, '#putMyLoginButtonHere');
   };
   </script> 

3. The button will provide the entityID as a parameter called entityID, but it must be passed to us as a parameter called entity. You will need to handle this in your code.
   
   
4. Activate SeamlessAccess integration in your application's discovery tab (first select Wayfinder)
   
   

The people at SeamlessAccess provide a testing page that may help: https://service.seamlessaccess.org/

Anything to watch out for?

You should ensure that data from the button is only used when the button is clicked so that users following a wafyless links do not have that entityID overwritten (users can have multiple affiliations).

The button will never be aware of 1:1 connections you have set up via Keystone, only customers in federations. This may affect your decision to use it, as may the impact of browsers disabling 3rd party cookies and storage..   

Troubleshooting

The button is not displayed correctly

Your content security policy may be affecting it - see: https://seamlessaccess.atlassian.net/wiki/spaces/DOCUMENTAT/pages/84738197/Display+of+SeamlessAccess+Login+Button#Content-Security-Policy-considerations

Deep linking is not working with the SeamlessAccess button

E.g. the user ends up on a different page than expected. Check that the target parameter is not being changed or renamed. 

IDP entity not found error message when accessing with a remembered IdP

OpenAthens is receiving an entityID that we do not recognise. Either:

• The IdP in question is not a member of any SAML federation that your application is registered in
• Check you are sending the entity parameter as entity, not entityID