Authentication Overview

Item request has been placed! ×
Item request cannot be made. ×
loading  Processing Request


Stacks supports Internal Authentication with a rich moderated user workflow with hierarchical staff roles and users access. Authentication provides Users access to Full Text, Stacks My Account and Protected Content. Staff are granted appropriate levels of access to the Stacks Dashboard.

Authentication may also be integrated using Stacks plug and play ILS API integrations, SIP2 or standard directory and SSO integrations such as LDAP, ADFS, SAML, Shibboleth and Ping. Additional statistical benefits are added when pairing one of these external integrations with OpenAthens.

Stacks sites can be configured as open websites or as password protected portals. All sample user journeys illustrated below are Open Website scenarios.

Content created in Stacks can be restricted to users by role or IP using Stacks Content Protection. Event Registrations and Room Bookings can also be password protected.

Stacks supports six (6) configuration options for patron authentication.


Patron Authentication 

Users are granted access to Read Online (one click access to Full Text with EDS integration), Stacks My Account and User-protected Content.


Full Text Access in Stacks 

  1. Requires user authentication (options 2-5)
  2. Option 1 grants anonymous onsite access to Full Text


Authenticated, Personalized Access into Individual Databases 

  1. Requires options 5
  2. May be handled by site SSO if mature enough


Which Options Apply to You?

authentication overview flowchart


Patron User Journeys 

Patron Authentication Options 

Option 1: IP Whitelist 

  • Plug and Play
  • No associated cost
  • Allows anonymous Full Text access onsite

Option 2: Internal 

  • No charge
  • Managed via Stacks Dashboard
  • Staff and Patron User Roles managed by Stacks
  • Patrons have access to Full Text and My Account
  • Users can be batch loaded/imported
  • Ideal for no directory or batch loading (ex. small college)

Option 3: SIP2 

  • Plug and Play
  • No associated cost
  • Standard protocol (available with most older ILS systems)
  • Simple user directory
  • Patrons have access to Full Text and My Account

Option 4: ILS or IDP 

  • Plug and Play
  • Annual ILS or Authentication fee applies (per grid)
  • Options include:
    • iii Millennium
    • iii Polaris
    • iii Sierra
    • SirsiDynix Symphony
    • SirsiDynix Horizon
    • Koha
    • Ex Libris ALMA/Primo
    • OCLC WMS
    • LDAP
    • ADFS
    • SAML
    • Shibboleth
    • Ping
    • Azure
    • Okta
    • Other
    • Coming soon - FOLIO
  • ILS Authentication enables full ILS integration feature set
  • Must have valid API license for ILS systems

Option 5: SSO via Secure Cloud 

  • Annual ILS or Authentication fee applies
  • Leverages secure OpenID connect technology
  • Compatible with all SAML based SSO systems including OpenAthens and Office 365 Azure Active Directory
  • Service required from Stacks; quick activation with accurate metadata
  • Best performance for non-Stacks entry point

Option 6: SSO with ILS Functionality 

  • Option five (5) features plus full ILS Integration capabilities