meeScan Integrates with Identity Management Systems

Many of our academic institutions implement rules that only permit a single identity for all systems. In most cases they use an Identity Management systems like Shibboleth or Active Directory to manage the identities of all their users. Any system that would be permitted to be used by the students is required to use a federated login through the identity provider.
 
meeScan has been implementing federated login for a while now. Our standard solution for SAML-enabled institution is to configure our system as a SP (service provider) and exchange certificates with the institution. meeScan can then automatically open a login window for the library users and allow them to log-in through the familiar and secure interface.

In many cases, the identity management holds the ILS patron ID so meeScan obtains it through the response metadata. We can then use this patron ID when performing ILS transactions.

In other cases, the ILS can be configured to use alternate fields as patron identifiers and the institution e-mail address is often an option. So meeScan can perform ILS transactions using the e-mail identifier directly.

In some rare cases though, none of the above applies. This customer was just such case. Fortunately, their IT department had made a small REST-based service that was able to provide a patron ID based on a provided e-mail address. So our engineers got together and created a custom integration. Through this setup, meeScan authenticates the users through the Shibboleth federated login and then uses the resulting primary identifier in another call to the library's proprietary service to obtain a valid ILS patron ID. Simple and clean, meeScan provides a solution to bridge two separate systems and allow self-checkout in a library that would otherwise not be able to do it.

Type: Academic
Size: Over 8M printed volumes