LibKey Nomad for IT Professionals

How do you install Nomad?

LibKey Nomad is a browser extension which means you install it via the Chrome store. A direct link to install it will be provided here as well as on our LibKey Nomad home page when it is available for download. Installing and setup is quick and easy. Simply download and install the extension, choose your supported institution and you are all set.

Do users need need to create an account to use Nomad?

No! Nomad, like all of Third Iron technologies, is very privacy minded.  There are no user accounts to create, the extension does not ask for or store your institutional user credentials and we do not run our scripts on any webpages other than those that are supported publisher pages as well as a few select domains such as PubMed, Wikipedia and Google Scholar which have unique enhancements for each site.

What browsers will Third Iron support for LibKey Nomad?

LibKey Nomad supports Chrome, version 76.x and newer, the world's most popular browser.  Other browsers may be supported in the future as user interest and market size warrants.

What browsers might LibKey Nomad work on and which are not officially supported by Third Iron?
In theory, any browser built on the Chromium technology should be compatible with LibKey Nomad including browsers like the privacy conscious Brave and Microsoft's latest version of its Edge browser (in beta). However, because installation in these bleeding-edge browsers is not for everyone and will not be supported by Third Iron support.  

Are there any security risks for my users in using Nomad?  How and when is data transferred to your servers?

This largely depends on what an institution considers a security risk. However, we have designed the extension with privacy and security in mind and with the notion that an IT department could add the extension to their imaged desktop builds pre-configured for the institution with ease to help deploy this technology rapidly throughout an organization.

The key elements to the security of LibKey Nomad are:
  • There are no user accounts involved so we never ask for any personal information from the user.
  • The LibKey Nomad scripts within the extension only execute on supported publisher pages and on a few select domains such as PubMed, Wikipedia and Google Scholar in order to perform unique enhancements to each site.
  • We do not attempt to cache user credentials for the SSO, proxy servers, etc.  Remote access is continuing to be governed by the existing remote authentication in service at your institution.  LibKey Nomad only forwards to those services and they then otherwise function as normal.
  • All analysis by the LibKey Nomad scripts that occurs in the browser is used to located the unique identifier (DOI or PMID) for the article in question and then to send it to our LibKey API service which returns all necessary linking information to forward the user to the content in question, via your existing authentication routes. The Nomad browser extension handles all token requesting/issuing to provide authentication to this endpoint.
  • LibKey Nomad is CORB compliant (More information on CORB).
LibKey Nomad may also interface with the non-profit OADOI project to check for the existence of OA alternatives to articles as well.

Selecting an institution is as simple as downloading the application from the Chrome Extension Store and then selecting your subscribed institution when prompted.  Visibility of any particular library is determined by the institutions active subscription status with Third Iron.  Additionally, institutions may elect to NOT make Nomad available to their users.

Selecting a given institution then allows that user to utilize the Nomad service through the "lens" of that institution.  Thus, if I select a University that I have no affiliation with, the utility of the service will not be very high because if I see a Nomad button appear while looking at a particular indicating I can download the PDF of that article, presuming it is not open access, after clicking I will be prompted by the authentication mechanism of that institution to sign in... which I will not be able to do.

However, it should be noted that selecting that institution does allow anyone who does so to see that this library does POSSESS a license to a particular article even though they cannot retrieve it.  Depending on the security level of your organization, the sheer knowledge that your organization subscribes to a particular journal may be considered "proprietary information".  Naturally, the high degree of utility afforded to users utilizing this "signposting" capability of LibKey which saves them the trouble of having to try to sign in first only to find out they don't actually have a subscription to that article is the entire purpose of LibKey Nomad, so we cannot divorce this functionality from the application.

Most institutions do not worry about this of course because there is nothing proprietary about this content - anyone in the world can subscribe to or license it for their institution, but we did want to be fully transparent that this knowledge is present in LibKey Nomad and does not require authentication to view.

Additional Questions or Concerns?

Contact us!  Please drop us a line at support@thirdiron.com and will be happy to assist!

Feedback and Knowledge Base