[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[EP-tech] ORCID Support Advance Update



I think, ultimately, the situation you described previously:


I was reading this:

https://support.crossref.org/hc/en-us/articles/214567746-Authors-and-editors

recently - and wondering what the 'authenticated="true"' attribute

actually meant - and how the this assertion should be passed between

systems.

Makes a lot of sense and something along the lines of the display mechanism (from another previous discussion) shown here:
Authenticated: https://dblp.uni-trier.de/pers/hd/b/Bizer:Christian
Unauthenticated: https://dblp.uni-trier.de/pers/hd/b/Baierer:Konstantin

for entries we don?t explicity trust would be workable, with ORCID agreement.  Perhaps even a 3? level trust status ? ?Locally Authenticated with ORCID?, ?Directly from a Trusted 3rd Party? (e.g. DOI), ?Derived from metadata?  or something like those, so it is clear what level of trust can /should be put in the data.
We?re probably then in the realms of ?who decides which 3rd Parties to trust?, but at least then we?re not throwing away potentially valuable data, or having to create local user records for all authors with an ORCID in our systems.

In my head, if I pull a metadata record from e.g. Whiterose (cheers John!) which has a bunch of Locally Authenticated ORCIDS, I can include them as ?Directly from a Trusted 3rd Party?. Anything Whiterose has as Directly from a Trusted 3rd Party could be downgraded for me as ?Derived from metadata? (or I could go and get the data from DOI directly myself), and I can add any ?Locally Authenticated? for my own ?connected? user authors.

Any thoughts?  It seems worth an attempt at consensus amongst ourselves to then present a workable solution to ORCID for future improvements.

Alan


From: eprints-tech-bounces at ecs.soton.ac.uk [mailto:eprints-tech-bounces at ecs.soton.ac.uk] On Behalf Of Will Fyson
Sent: 03 August 2018 11:17
To: eprints-tech at ecs.soton.ac.uk
Subject: Re: [EP-tech] ORCID Support Advance Update

To clarify, repository users do only have to connect their repository account to their orcid just the once, but I appreciate this is still a hurdle for busy academics and VIPs. And, as you say, for records with hundreds of authors where the record may be deposited in hundreds of repositories, emailing the external authors is not a sustainable solution!

The problem I think is ultimately described at https://members.orcid.org/api/member-api-credentials-check-list in the 'Mandatory Requirements' section, which explicitly prevents users from typing in ORCIDs. With this in mind I think the only options are to ask ORCID to change the requirments for using their member API (but this then erodes trust in their system) or we only allow external author ORCIDs to be added from other trusted systems, such as via a DOI (which will be possible when EPrints is better at storing where particular items in the metadata came from).

Will



________________________________
From: Philipp Zumstein [philipp.zumstein at bib.uni-mannheim.de<mailto:philipp.zumstein at bib.uni-mannheim.de>] Sent: 03 August 2018 07:18 To: Eprints-tech Subject: Re: [EP-tech] ORCID Support Advance Update

Thank you all for the helpful comments to understand better how the

trigger is technically working. I share some concerns about the

practical workflows similar to Jan when it comes to importing from ORCID

to our repository:



- The additional work with ORCID in our repository for our professors or

other VIPs has to be minimal for them, e.g. 3-4 clicks. They certainly

don't want to authenticate all the time or receive a tons of emails.

Some of them are currently not personally adding publications in our

repository, but that is rather a job for their secretaries. Moreover, we

plan to add more data directly by our librarians.



- I completely understands that ORCID wants to control and ask for

authentification about the data which is saved in their database, i.e.

the data which is exported from the repository to ORCID. But I don't

see, why they want to restrict the information which we save in our

repository. The DOIs, ISBNs and ISSNs we add in our repositories are

also not authenticated by the publishers or authors. Moreover, I can add

my ORCID to my website or add it as part of my email signature by just

copy and paste the number without any authentication.



- Sending emails to all authors for authentication sounds horrible.

Imagine for example a paper with 1.000+ authors (e.g. from high energy

physics) which ideally is saved in the repository of every author, which

then would result in a huge amount of emails together. There is no

incentive for the researchers to answer these emails and I guess that

they would just categorized them as spam.



Best regards,

Philipp





Am 02.08.2018 um 14:10 schrieb Jan Ploski:

These are very good points, John. I asked about this a while ago after

an ORCID webinar at JISC, and there were no answers.



The whole idea of "author-authenticated entry of ORCID iDs" seems rather

misguided - like a short-sighted "overkill" technical solution to what

is an organizational and data quality control problem. Just because you

can do certain things using OAuth doesn't mean it's a good idea.



In our repository much data entry is done by editorial staff, not by the

authors themselves. We don't want to bother our authors (and much less

external contributors) by email just to "sign off" the entry of their

ORCID iD. This reeks of bureaucracy and would undoubtedly make it LESS

appealing to integrate with ORCID. Needless to say, we won't use a

plugin which forces that sort of workflow upon us.



Add to this that authenticating just ORCID iDs alone does not really

solve the data quality problem - just like one can make a data entry

error in an ORCID iD, one can also make an error in an email or really

any part of metadata - which obviously won't be automagically verified

by ORCID or the author who confirms just that their iD is correct. In

the end, the truth content of metadata is based on human dilligence and

trust in quality control measures undertaken by the repository, not by

some central external identity management system - which also

constitutes a single point of failure from a distributed systems

management viewpoint, and is a nuisance to repository users who now have

to log in not just to the repository, but also to ORCID.



In short, verifying by automatic lookup or some such that the ORCID iD

entered is correct, is great, forcing authors to act as plugins to the

data entry system really is not.



On 08/02/2018 12:32 PM, John Salter wrote:

This naturally poses a problem for storing ORCIDs for external authors,

but in my experience most repositories are happy storing ORCIDs for just

their own users.







This concerns me. We (repository developers) shouldn't be encouraging a

blinkered approach to ORCIDs (or other persistent identifiers).



You wouldn't exclude a DOI for a paper if it wasn't minted by your

institution - so why would you choose to discard ORCIDs for non-local

members?







If the ORCID has come from a trustworthy upstream system (e.g. CrossRef,

PubsRouter), then the ORCID should stay with the author.



Local ORCIDs can supplement this data - so a record harvested from your

repository is 'improved'.







I was reading this:

https://support.crossref.org/hc/en-us/articles/214567746-Authors-and-editors

recently - and wondering what the 'authenticated="true"' attribute

actually meant - and how the this assertion should be passed between

systems.



If a **trusted** upstream system states that an ORCID is authenticated -

can we as a consumer of that data also state that the ORCID is

authenticated when relaying data from our system?







The ORCIDs should be seen as an 'additive' set of data - if your system

can state that an author now has an ORCID - do it.



Just don't throw away data that already exists for non-local authors.







Cheers,



John







*From:*eprints-tech-bounces at ecs.soton.ac.uk

[mailto:eprints-tech-bounces at ecs.soton.ac.uk] *On Behalf Of *Will Fyson

*Sent:* 02 August 2018 10:59

*To:* eprints-tech at ecs.soton.ac.uk<mailto:eprints-tech at ecs.soton.ac.uk>

*Subject:* Re: [EP-tech] ORCID Support Advance Update







Hi Tomasz,



The ORCID Support Advance plugin does only allow ORCIDs to be stored

against creators/editors if they can be matched to a user via the

'Email' column in all circumstances (to facilitate the read-only nature

of the field). Therefore ORCIDs added through use of the ORCID Support

plugin are affected by this too.



When we've been installing the Advance plugin on repositories we've been

encouraging administrators to tidy up their ORCID data so that the

ORCIDs stored are matched with user profiles. This naturally poses a

problem for storing ORCIDs for external authors, but in my experience

most repositories are happy storing ORCIDs for just their own users.



If an email isn't present in the creator/editor field, but an ORCID is,

the ORCID would be removed the next time the EPrint is recommitted. The

ORCID Support Advance plugin contains a pre-commit trigger that updates

the ORCID field based on the email column to help keep the record up to

date. These triggers are disabled by default when the plugin is

installed however to prevent any accidental erasing of data by

installing the plugin. (the fields are read-only upon installing the

plugin however and so until the triggers are re-enabled the content of

the creator/editor ORCID fields is essentially fixed.)



I hope this helps answer your questions!



Many thanks,



Will











------------------------------------------------------------------------



*From:* Tomasz Neugebauer [Tomasz.Neugebauer at concordia.ca<mailto:Tomasz.Neugebauer at concordia.ca>

<mailto:Tomasz.Neugebauer at concordia.ca><mailto:Tomasz.Neugebauer at concordia.ca>] *Sent:* 01 August 2018 17:50

*To:* Eprints-tech *Subject:* Re: [EP-tech] ORCID Support Advance Update



Hi everyone who has installed the ORCID Support Advance plugin, Will?







I am still looking to get a clearer picture of what I can expect to

happen when I install the ORCID Support Advance plugin on top of the

ORCID Support plugin that we currently have working.







What will happen to the ORCID ID?s that we have already collected in the

author field of publications?







The description from Will below about ORCIDs from a DOI import says this:



?, the ORCID field uses the creator/editor 'Email' column to lookup user

profiles in the repository that have connected to orcid.org so that the

creator/editor ORCID field can be verified. As such any ORCID added via

a DOI import, might then be erased if the user profile lookup cannot be

made. ?







Does the above also apply to any ORCIDs that we have been collecting

using the ORCID Support plugin?







I don?t think that our depositors have been diligently filling in the

email column in the author field during the deposit process, does that

mean that the user profile lookup will fail and the ORCID will be

deleted for any author that doesn?t have an email listed in the author

column?



When does this deletion happen, during indexing? Is there any way to

prevent it from happening?







Thanks so much for any insight or advice on this is really appreciated.







Tomasz























*From:*eprints-tech-bounces at ecs.soton.ac.uk

<mailto:eprints-tech-bounces at ecs.soton.ac.uk><mailto:eprints-tech-bounces at ecs.soton.ac.uk>

<eprints-tech-bounces at ecs.soton.ac.uk><mailto:eprints-tech-bounces at ecs.soton.ac.uk>

<mailto:eprints-tech-bounces at ecs.soton.ac.uk><mailto:eprints-tech-bounces at ecs.soton.ac.uk> *On Behalf Of *Will Fyson

*Sent:* July 11, 2018 10:16 AM

*To:* eprints-tech at ecs.soton.ac.uk<mailto:eprints-tech at ecs.soton.ac.uk> <mailto:eprints-tech at ecs.soton.ac.uk><mailto:eprints-tech at ecs.soton.ac.uk>

*Subject:* [EP-tech] ORCID Support Advance Update







Hi Everyone,



A couple of minor updates have been applied to the ORCID Support Advance

plugin, bringing it up to version 1.3.2.



The updates are only very minor, fixing issues where the plugin was

generating a few too many messages in the indexer and error logs. A

Change Log documenting these most recent changes is available at

https://wiki.eprints.org/w/ORCID_Support



Regarding the discussion a couple of emails above in the EP-Tech list

("Import by DOI in ORCID plugin"), a new DOI imported that takes ORCIDs

into account is not available at present. Due to the requirements that

the ORCID field must be readonly when connected to the member API so

that ORCIDs can only be added via an authoritative source, the ORCID

field that is added to the creator/editor tables cannot be edited.

Therefore to stop values from being entered, which then later cannot be

removed, the ORCID field uses the creator/editor 'Email' column to

lookup user profiles in the repository that have connected to orcid.org

so that the creator/editor ORCID field can be verified. As such any

ORCID added via a DOI import, might then be erased if the user profile

lookup cannot be made.



This is an issue we're looking into resolving however and so hopefully

we should have some updates on it in the future!



Many thanks,



Will









*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech



*** Archive: http://www.eprints.org/tech.php/



*** EPrints community wiki: http://wiki.eprints.org/



*** EPrints developers Forum: http://forum.eprints.org/











*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech

*** Archive: http://www.eprints.org/tech.php/

*** EPrints community wiki: http://wiki.eprints.org/

*** EPrints developers Forum: http://forum.eprints.org/





*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech

*** Archive: http://www.eprints.org/tech.php/

*** EPrints community wiki: http://wiki.eprints.org/

*** EPrints developers Forum: http://forum.eprints.org/







-- The Open University is incorporated by Royal Charter (RC 000391), an exempt charity in England & Wales and a charity registered in Scotland (SC 038302). The Open University is authorised and regulated by the Financial Conduct Authority in relation to its secondary activity of credit broking.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/eprints-tech/attachments/20180803/ad2fd5cf/attachment-0001.html