Using a connection for multiple OIDC applications

OpenAthens Keystone has two types of record in the publisher dashboard - an application record and a connection record. The application record defines how your OIDC application interacts with OpenAthens whilst the connection record defines how OpenAthens will interact with SAML federations on your behalf, and this connection record can be shared by several applications.

What this means in practical terms is that you can have development, test and staging versions of your existing or future app available to the outside world if necessary.

You will need to set one as primary that will supply details to your federation metadata. This has the benefit that changing from old production version to new production version is just a flick of a switch. 

To make a change, click the primary button next to the app and save. Changes will be testable with your own domain accounts within a few minutes. Live apps will update in the federation within six hours. 

Anything to watch out for?

Rules are turned on or off on the connection, so if your old and new apps need contradictory rules, you my prefer to test the new application with its own connection before switching things about. 

