OpenAthens Ideas Portal

We're always looking for ways to improve our products, and we'd love your input to help us make that happen. Your suggestions will guide us in deciding where we should focus our future research and development.

Just sign in with your email to share your thoughts or vote for ideas you like—it'll help them get noticed!


Here’s how the portal is organised:

  • Librarians (Identity Providers): Share ideas that help organisations that manage user identities and provide access to online content and services. This includes improving the experience for students and researchers.

  • Publishers (Service Providers): Share ideas for organisations that offer content and services.


Guidance on using this portal

Add a new idea Subscribe
Status Research & discovery
Workspace Librarians
Categories User accounts and permission sets
Created by Guest
Created on Jan 9, 2025

RELATED IDEAS

The ability to assign on-prem IP ranges to permission sets

We have our system configured to allow access to resources without authentication if the user is on a pair of recognized, on-prem, IP ranges. This works for most resources; however we have a few resources that are restricted to one IP range only. Currently if a user tries to access a resource from the non-approved IP range, they are given a non-authorized message because their IP address is one of the on-prem IPs but not the right one. They would be allowed to access the resource if they login with the proper credentials and were assigned the proper permission set. If our permission sets could be assigned an IP range when appropriate, then we could require authentication when user tries to access from the non-authorized IP range.

Is this currently impacting your ability to use OpenAthens effectively? Yes
Idea type Day-to-day tasks/actions improvements
  • Attach files
  • Guest
    Apr 20, 2026

    Strongly support the implementation of this.

    It would be extremely helpful for our use case as well: We use the SAML connector to connect our institutional user accounts. But, we have users with institutional credentials who are only permitted to access resources from on-campus. Right now, we're having to develop a middleware that uses the API Connector, checks a user's IP at the login point, and is hosted in our environment. This means additional maintenance for us and an additional point of failure. If we could assign on-campus IPs to a permission set, then we could simply assign these users to this permission set, and no longer need to support our middleware.

    Reply
  • Guest
    Apr 16, 2026

    This idea may help with another use case:

    Some vendor licenses permit onsite access only, but the library still requires OpenAthens usage statistics. Access Accounts are not suitable because they require additional logins for staff and users. Currently, the only workaround is to avoid OpenAthens entirely by enabling only the onsite IP range, which is not viable when:

    •The library lacks a fixed IP range, and/or
    •OpenAthens statistics are required for all resources, and/or
    •Access must still be restricted to authenticated users rather than everyone on the IP range.

    It would be great if permission sets could be assigned based on the user's IP range (at the time they logged in) as assigned to each permission set.

    Reply