OpenAthens Ideas Portal

We're always looking for ways to improve our products, and we'd love your input to help us make that happen. Your suggestions will guide us in deciding where we should focus our future research and development.

Just sign in with your email to share your thoughts or vote for ideas you like—it'll help them get noticed!


Here’s how the portal is organised:

  • Librarians (Identity Providers): Share ideas that help organisations that manage user identities and provide access to online content and services. This includes improving the experience for students and researchers.

  • Publishers (Service Providers): Share ideas for organisations that offer content and services.


Guidance on using this portal

Add a new idea Subscribe
Status Already exists
Workspace Publishers
Categories * Other
Created by Guest
Created on May 16, 2025

RELATED IDEAS

Stop requiring AssertionConsumerServiceURL parameter inside SAML requests

As explained in OASD-27648, the OpenAthens IdP requires SAML requests to identify the SP’s “AssertionConsumerServiceURL=” or else OpenAthens will throw the following Bad Request error: “Could not establish assertion consumer service url for…“

OASD-27648 suggested that the SPs make adjustments on their side to start including AssertionConsumerServiceURL inside their SAML requests. However, that would put extra responsibility on SPs, and it might require development work on their end which could take months/years, or they might not be able to accommodate it at all. In either situation, our customers are unable to use OpenAthens with those resources.

With this being the case, I notice in OASD-27648 that “the SAML spec we use mentions ACS in the AuthN request is optional”. Since the inclusion of AssertionConsumerServiceURL is optional and not required, would it be possible for OpenAthens to stop requiring it in SAML requests?

Is this currently impacting your ability to use OpenAthens effectively? Yes
Idea type Something to improve
  • Attach files
  • Guest
    Jun 20, 2025

    Would this be solved by making sure OA is signing assertions?

    1 reply
  • Admin
    Sarah Underwood
    Jun 5, 2025

    Thanks so much for your idea, votes, and comments. I have confirmed with our in-house technical experts that this parameter is optional, in accordance with the SAML spec, but that there were some other issues causing this problem and this support ticket has since been closed.

    Reply