Versions Compared

Old Version 2

changes.mady.by.user Benjamin Oshrin

Saved on

compared with

New Version 3

changes.mady.by.user Benjamin Oshrin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Architecture and Components

...

The major components in this pilot are

  • COmanage Registry, used to manage participant registration in the collaboration
    • SQL database backend, used by COmanage
  • LDAP Server, provisioned by COmanage and used by collaboration services as a source of account information
  • ORCID, a researcher digital identity registry.

Configuration

This section assumes that each component is already installed and configured for basic connectivity.

...

It is assumed that COmanage is already set up with an enrollment process, such as the one used for the COmanageSSHPilot, and that an LDAP provisioning target has already been created.

The Pipeline must be defined first. The configuration should look like:

...

Next, configure an ORCID Organizational Identity Source. The initial setup will look like:

  • Description: ORCID
  • Plugin: OrcidSource
  • Status: Active
  • Sync Mode: Manual
  • Pipeline: ORCID Pipeline

After saving the initial setup, the ORCID configuration page will show the redirect URI needed to obtain the Client ID and Secret from ORCID. (More information about how to obtain the Client ID and Secret is available here.) Record the Client ID and Secret in the COmanage ORCID configuration page and click Save.

FinallyNext, create an enrollment flow for researchers to self-link their ORCID iD. The relevant configuration options are:

  • Name: ORCID Linking
  • Petitioner Enrollment Authorization: CO Person
  • Pipeline: None
  • Identity Matching: Self
  • Require Approval For Enrollment: No
  • Email Confirmation Mode: None
  • Do not add any Enrollment Attributes. (If prompted after saving the configuration, simply page back.)
  • Click Attach Org Identity Source, then Add Enrollment Source. Configure it as follows:
    • Organizational Identity Source: ORCID
    • Org Identity Mode: Authenticate

Finally, update the LDAP Provisioner configuration to export the eduPersonOrcid attribute.

Usage

To link an ORCID iD, the researcher simply logs into COmanage, selects PeopleEnroll, and clicks Begin next to ORCID Linking. The researcher will be redirected to ORCID to authenticate, and then returned to COmanage which will link the ORCID iD into the Registry record. 

Resources

...