EPrints Technical Mailing List Archive

Message: #09246

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] Multi-Factor Authentication (MFA) for EPrints Login

Hi Martin,

The way that most repositories do this is to use institutional single sign on (SSO) that will now normally have MFA baked in.  EPrints integrates with this using Shibboleth where it acts as a Service Provider:


There are no plans to implement MFA directly into EPrints, as there are existing implementations that could be integrated into EPrints on a case-by-case basis.  If you do not have institutional SSO that allows you to configure EPrints as a Shibboleth Service Provider, then an OAuth implementation may be possible.  As I have not needed this, I have not had reason to implement it.  I don't know if anyone else has tried implementing an OAuth user authentication implementation for EPrints.


David Newman

On 21/03/2023 10:23 am, Martin Brändle via Eprints-tech wrote:
CAUTION: This e-mail originated outside the University of Southampton.

Dear all,


IT security at our institution requires that all services that provide login to user accounts implement multi-factor authentication in some way (e.g. via Azure AD and Microsoft Authenticator or another authenticator). We must check our EPrints repository, too.


Has anybody done this and could provide us with some hints how to do? Currently we use LDAP .


https://wiki.eprints.org/w/Category:Authentication and sub-pages seem not to be up-to-date.


Thanks in advance and kind regards,





Dr. Martin Brändle
Zentrale Informatik
Universität Zürich
Stampfenbachstr. 73
CH-8006 Zürich

mail: martin.braendle@uzh.ch
phone: +41 44 63 56705


*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/