This sections helps you make sure your patrons can get everything you license.
Whether you're a JSTOR newbie or an old hand, it's important to understand the options available in terms of access. By access we mean how, on a technical level, your school allows students, faculty, staff, sentient AI posing as human, etc to get onto JSTOR and read the things you subscribe to. Here's a listing of all your options.
If your institution has a physical location with dedicated IP addresses, then you will want to be sure to give us those IPs. This will ensure automatic access to any on-campus computers. Just email them to email@example.com, and we'll get you set up.
- Please note that addresses of the type 10.*.*.*, 172.[16-31].*, and 192.168.*.* are reserved for internal networks and are not useful for authentication purposes.
- If your IP addresses change or you add any, please let us know as soon as possible so we can ensure you have seamless access.
- If you're having trouble with access, we will probably need to know your IP address. You can ask your IT team for a list of active IPs but telling us your current IP will also be really helpful. Just type "What is my IP?" into Google.
A Referring URL is that thing when a user clicks a link to JSTOR from your library page. Their browser moves to the specified link and, when it requests the new page, it sends along the URL of the previous page. This "sent along" URL is called a referring URL and will get you access. It's not our preferred method because it's not super secure. You can see our technical requirements in the Librarian and Administrator section.
Proxy servers can be set up via IP address to allow users access to JSTOR. The proxy must require authentication to restrict it to authorized users only. Just provide us with your proxy server IP and we will add it to your account. If you are using EZProxy, you may want to review our recommended set-up.
If you are using the Single Sign On method, OpenAthens, we can help you configure it to allow access to JSTOR. Please email firstname.lastname@example.org and include your Org ID in the request to get started. You can learn more about this method of access and how to configure it in the Librarian or Administrator section.
Shibboleth is another type of Single Sign On system that allows users to authenticate via their institutional credentials to access JSTOR. In order for JSTOR to enable access via Shibboleth, we have to belong to the federation that you belong to. Here is a list of federations we currently belong to:
UK Access Management
Email email@example.com with the following information to begin the setup process:
The name of the federation to which you belong
Your Shibboleth Identity Provider ID (entity ID), and
The list of campuses (if more than one) served by that ID
Remote Username and Password:
This method of access is only recommended for smaller institutions (secondary schools, small faculty departments or offices, herbariums, etc). A remote username and password will be generated upon request. Please send these requests to firstname.lastname@example.org.
You can provide these login credentials in a secured space (one that is not open to the public) for your users. Users will then be able to go to the JSTOR login page and enter those credentials. After logging in on the left-hand, MyJSTOR side of the screen, they should see a Provider Designation Statement (PDS) that reflects their access is provided by your institution.
Once you have your access methods set up, you might consider asking our technical team to add your institution to our Institution Finder so students can easily log in if they come directly to the JSTOR website.
And that's everything.
If you have trouble with any of this, let us know.
We are able to support referring URL as an authentication method under the following circumstances:
- The referring URL must be password-protected, meaning users must authenticate in some way in order to gain access to the referring page, via username and password, library number, barcode ID or similar.
- Users do not have security software on their computers (personal firewalls and the like) that strips the referrer information from the headers. In these cases, referring URL authentication will not work.
- Sometimes library server configurations on a website result in the HTTP referrer header not being sent. If this is the case on your website, then referring URL authentication will not work for any users.
If these conditions work for you, then all we need is the referring URL, i.e. the URL of the page that includes the link to JSTOR. Referring URLs often look something like:
Please note that referring URL is not a fully-secure authentication method as the referrer can be manipulated in the HTTP header (at least one Firefox extension exists to do just this). It is important that participating institutions ensure that only authorized users are allowed access to JSTOR. Please contact JSTOR Support for assistance with setting up referring URL authentication for your institution.
Setting up EZproxy:
If you use EZproxy for remote access, you'll likely need to set obtain, install and configure an SSL certificate. There are instructions on how to do this on the OCLC site. You'll also need the JSTOR database definition, found below.
JSTOR database definition for EZproxy:
Setting up OpenAthens:
If your institution uses OpenAthens and you haven’t yet added JSTOR as a resource, you’ll need to set it up in your OpenAthens administrator interface in order to access JSTOR from this service.
What you need to do:
- Log into the OpenAthens administrator interface at https://admin.openathens.net.
- Select Resources > Permission sets
- Click on the permission set that you want to change and then click on the Attributes tab (NB: the Role should already be set to ‘member’. If it is not, you should take this opportunity to set it to ‘member’).
- Click on the ‘Add a resource’ button, type JSTOR into the dropdown field and then select the JSTOR item that appears:
- Enter this text into the text box underneath JSTOR: urn:mace:dir:entitlement:common-lib-terms
- If your permission set attributes now look like this, click on ‘Save changes’:
- This will add the new JSTOR access point to your permission set automatically.
- Please be sure to contact us at email@example.com with your organization’s federation Entity ID information. You can find this information in the OpenAthens administration interface by clicking on Management in the menu bar and then selecting Organization & Entity IDs.
VPAT stands for Voluntary Product Accessibility Template and is a way to check for Section 508 compliance. (In case you aren't familiar with the history or content of Section 508 you can find some information about it on the following page.) Occasionally you may need a VPAT from JSTOR to verify that our website is generally accessible to people with disabilities.
Download our most recent VPAT.
Shibboleth & OpenAthens at JSTOR: ONE LOGIN TO RULE THEM ALL
JSTOR enthusiastically supports SAML authentication, including Shibboleth and OpenAthens. We've transitioned over 390 institutions to single sign-on and we're here to help if you need us. Below is what you'll need to connect to JSTOR once you've got Shibboleth up and running.
WHAT YOU NEED FROM US
Our SP entityID: https://shibboleth2sp.jstor.org/shibboleth
Membership: We belong to the federations below, but can work with many others via interfederation metadata (if in doubt, contact us):
- UKAMF (United Kingdom) [metadata]
- eduGAIN (Federation Membership Organization) [metadata]
- InCommon (United States) [metadata]
- OpenAthens (Multiple Countries) [metadata]
- SWITCHaai (Switzerland) [metadata]
- DFN-AAI (Germany) [metadata]
- eduID.cz (Czech Republic) [metadata]
WAYFless URL Generator
- EntityId: Your entityID goes here
- Encrypted Packet Receiver: http://www.jstor.org/shibboleth
- Deep link URL: Optional. Leave blank.
When you have created a verified a working WAYFless URL, please inform firstname.lastname@example.org to update our value for you on our Login page.
WHAT WE NEED FROM YOU
JSTOR requires that the eduPersonScopedAffiliation attribute is present in the XML file presented for authentication. For information on how this attribute works and acceptable values and formats, please see this handy guide
Want to allocate different JSTOR resources across different campuses, departments, or affiliated groups (like current students vs. alumni)? Yes, you can do that!
- By Department
- eduPersonEntitlement: present a URI that distinguishes the department from others at the school. Ex: science.wagstaff.edu
- eduPersonScopedAffiliation is still required
- By Role (student vs. alum vs. staff, etc.)
- eduPersonScopedAffiliation: present a URI that distinguishes between groups that need to receive different access. Ex: email@example.com and firstname.lastname@example.org
- By Campus
- eduPersonScopedAffiliation: present a URI that distinguishes between campuses that need to receive different access. Ex: email@example.com and firstname.lastname@example.org
When you’re ready to make the leap, email us your entityID and let us know if you need access provisioned across different groups, campuses, or departments.
Questions? Email us, chat with us by clicking the chat prompt below (during normal business hours only), or call us at 888-388-3574 or 734-887-7001.
We've compiled various forms relevant to your participation with JSTOR here, including a Sole Source Statement, W-9s, a Tax Exempt Letter, Accessibility Standards, and various payment documents. If you need something that isn't listed below, please contact JSTOR Support with your request.
JSTOR Sole Source Letter: While there are many online resources for scholarly content, JSTOR is the sole provider of the collections in the JSTOR Archive. This content is not being provided in JSTOR's aggregated format from other sources.
Form W-9 (ITHAKA): Form W-9, Request for Taxpayer Identification Number and Certification, is an official statement from JSTOR of its Tax Identification Number. Participants may rely on the information on the form for their records and/or reporting needs. ITHAKA's Employer Identification Number is 133857105.
Internal Revenue Service (IRS) Letter: This letter, dated March 13, 2000 from the Internal Revenue Service, establishes JSTOR as a tax exempt organization and as a public charity under Sections 501(c)(3) and 509(a)(2) of the Internal Revenue Code.
Certification of U.S. Tax Residency: IRS Form 6166, certifying that ITHAKA is a resident of the United States for purposes of U.S. income tax laws.
Payment Instructions: For participants paying an invoice by check, wire transfer or credit card.
Accessibility Standards: The JSTOR Platform is compliant with Section 508 of the Rehabilitation Act and W3C WAI WCAG 2.0 Level A accessibility standards.