How Does The BrowZine App Handle Authentication?
The BrowZine app handles user authentication in one of two ways: automatic login or manual authentication. The method used will depend on your institution’s authentication process for accessing e-resources.
The BrowZine app is capable of automatically logging users into most traditional login forms. These are often based on systems such as EZProxy, WAM, OpenAthens and other similar technologies. The general technical requirements for automatic login are:
- An HTML-based login form with clearly defined username and password fields.
- Using a form submission to submit the login.
- Displaying error messaging for problems such as an incorrect username/password, an expired account, an incorrect affiliation, etc.
In this situation, users save their institutional username and password in the BrowZine app. When they request an article, the BrowZine app will take these saved credentials and submit them to your institution’s login form automatically. Users will be logged in (or shown an error if there is a problem) and forwarded along to the article PDF they requested.
BrowZine is not able to perform this automatic login process on more sophisticated enterprise authentication or access management systems. Some of these systems include OneLogin, Okta, federated login using Microsoft or Google, and other similar systems. In many respects these systems are explicitly designed to prevent attempts at automatically logging in users for the sake of security. This also makes it impossible for BrowZine to do so.
In this situation, users enter their institutional username and password directly in the BrowZine app when they first request an article. Your institution's login form appears in a small window much as it would in a web browser. After entering and submitting their login, the user will be logged in (or shown an error if there is a problem) and forwarded along to the article PDF they requested.
If the user requests more articles, their login will be remembered for a period of time in much the same way as a web browser would. They will not need to repeat this login process for each article. The period of time their login is remembered depends on your authentication system’s settings. After that period has lapsed, users will be prompted to login again the next time they request an article via the BrowZine app.
What About Two Factor Authentication?
Institutions using authentication systems capable of either automatic login or requirement manual authentication may also use two-factor authentication. This requires that users submit a special code in addition to their password. The user typically receives this code via text message or generates it via a companion app. By nature this code is known only to the user and BrowZine cannot bypass or ignore this requirement.
For institutions which meet our requirements for automatic login, two-factor authentication requires separate handling. The request for the additional code appears directly in BrowZine much as it would in a web browser. After it is accepted, the user is forwarded along to the article PDF they requested. The period of time their authentication is remembered depends on your authentication system’s settings.
For institutions using manual authentication, this additional step occurs as part of the same login process detailed above.
How Are Saved Credentials Stored?
More information on this is available in a separate article here
What About VPN or On-Site Only Configurations?
Institutions setup to use VPN-based authentication or which restrict BrowZine access to on-site only do not need to worry about this automatic/manual distinction. Users are granted or denied access based on their IP address and if that IP is on the list of addresses provided during your account setup. More details on how authentication works in this scenario are available in our article on VPN support