What's in this article:
SAML (Shibboleth, Open Athens)
Below you will find all of the access options available for JSTOR participating institutions.
You must be logged in and have Admin permissions in order to verify or edit Access Methods
Access your JSTOR Admin Tools: https://www.jstor.org/admin/login
IP Access:
What is IP access?
An IP address range (IP stands for “internet protocol”) is one way that your network manages access to JSTOR content. Having accurate IPs on record for your institution enables automatic access to your content from any on-campus computers and is a key component of setting up remote access via a proxy server.
Dedicated IP addresses can be used for content access in different ways. For example, they may be configured to enable network access that applies to a physical, geographic location (such as a centralized campus) and/or they may do so for a VPN (virtual private network) that may be more distributed in nature (such as a multi-location, or virtual campus).
You will want to note your institution's IPs and ensure that your JSTOR records reflect them accurately.
- Addresses of the type 10.*.*.*, 172.[16-31].*, and 192.168.*.* are reserved for internal networks and are not useful for authentication purposes.
- If you're having trouble with access, we will probably need to know your IP address. You can ask your IT team for a list of active IPs but telling us your current IP will also be really helpful. Just type "What is my IP?" into Google.
Where can I find my IP address/es?
To check your IP addresses on file:
- Log into your individual JSTOR account as an Admin. You will find a tab at the top of the page for Access Methods. Select this tab.
- On the Access Methods page, you will find a drop-down menu of one or more institutions (as relevant to your institution)
- Select the institution you wish to view IP ranges for (or if only one institution then this will be selected by default for you and no selection is required)
- Below the IP Addresses tab, you will be able to review your existing access methods for the Institution selected earlier in the drop-down including IP addresses. These are expressed in ranges that reflect all addresses on record.
- If you do not see a range you are expecting, or need to make changes, please refer to "How do I update my IP address/es?"
Tip: For record or support purposes, you may wish to use the convenient Copy button to copy and paste the IP addresses as needed
How do I update my IP address/es?
- If your IP addresses change or you would like to add additional IP ranges, contact support@jstor.org as soon as possible so we can ensure you have seamless access.
- If you're having trouble with access, your IP address can be valuable information to have ready. Use the convenient Copy button cut and paste your exact range or ranges as needed.
Referring URL Access:
What is a referring URL?
A referring URL is a link on your library page which sends users to JSTOR. As long as they are travelling to the JSTOR site through this link, JSTOR recognizes them as a member of your institution and gives them access.
To ensure that users accessing JSTOR in this way are members of a particular institution, this link can only be displayed behind a password-protected page. It's not our preferred method because other available methods are more secure. Learn more about our technical requirements for managing access, content, and more.
Where can I find my referring URL?
To check your referring URL:
- Log into your individual JSTOR account as an Admin. You will find a tab at the top of the page labeled Access Methods. Select this tab.
- Select Referring URL from the Access Methods page
- Below the Referring URLs tab, you will be able to review any existing referring URL/s
- If you do not see a referring URL that you are expecting, or need to make changes, please refer to “How do I update my Referring URL?"
- If no referring URLs exist on record, you will see the message "Your institution does not have any saved referring URLs in JSTOR".
How do I update or add my Referring URL?
If your referring URL/s change or you would like to add additional referring URLs, please contact support@jstor.org as soon as possible so we can ensure you have seamless access.
What Referring URLs are not supported?
While we support many common access methods using referring URLs, there are a few specific referring URL management tools we discourage due to known issues with our systems:
- SharePoint (Microsoft)
- Blackbaud
Proxies:
What are proxies?
Proxy servers (or proxies) can be set up via IP address to allow users access to JSTOR both on and off-campus. Your proxy server URL will display in JSTOR's institution search and will be used to create a Remote Access URL on item pages.
Before adding a proxy link, make sure the server's IP appears in the IP Addresses tab. Proxies must require authentication to restrict it to authorized users only.
Where can I find my proxies ?
To find your proxies:
- Log into your individual JSTOR account as an Admin. You will find a tab at the top of the page labeled Access Methods. Select this tab.
- Select Proxies from the Access Methods page
- Below the Proxies tab, you will be able to review and edit any existing proxy server URLs
EZproxy: If you use EZproxy you must be using version 6.2.2 or later for access. Learn more about our recommended access management set-up.
How do I update my proxy server information?
- Add a new proxy by entering your institution's proxy login URL then Save
- Delete or Edit an existing proxy by selecting the appropriate option next to the proxy server URL
To delete a proxy, select Delete and then confirm the selection if certain in your selection. This action cannot be undone and may break links previously bookmarked by users at your institution.
Please allow 30 minutes after submitting updates for changes to be reflected in the JSTOR institution search.
Please contact JSTOR Support at support@jstor.org if you have questions about how to update your proxy server IP information.
What proxies are supported?
Only proxies that use stanzas in their configuration are supported.
The following proxies are recommended:
- OCLC EZPROXY
- LibProxy
Google Social Sign On (SSO)
What is Google SSO?
To use Google as your single sign on method, you may configure one or more of your institutions to allow access to JSTOR. Our system will recognize any member logging into Google with your institution's domain name and provide institutional access.
To log in using Google SSO, you can use either the “Log with Google” button pictured below or through institution search results, if applicable.
When logging in through Google Single Sign On you will be required to create or log into a personal JSTOR account. If you are new to GSSO, you will be prompted to register on a Google page before gaining access.
Domains must be unique to your institution and cannot be shared across multiple institutions within a district.
Where can I find my Google SSO Domains?
To check your Google SSO domains:
- Log into your individual JSTOR account as an Admin. You will find a tab at the top of the page labeled “Access Methods.” Select this tab.
- Select Google SSO from the Access Methods page
- Below the Google SSO tab, there is an open text field to add your Domains. Here, you have the option to add and edit domains or simply check which domains are already associated with your JSTOR account.
How do I update or add domains for Google SSO?
- If you need to edit, add, or delete Google SSO domains, go to the Google Social Sign on (SSO) tab on the Access Methods page. Here you will note that there is an open text field under Domains which is where you can add (Add Domain), remove (Delete), or edit (Edit) one or more domains as needed for your institution.
- If you are not sure what format to use or what you are looking for, some helpful domain examples are included in "Examples" box on the upper-right corner of the page. You may wish to add domains with or without the full URL path.
Please allow 30 minutes after submitting updates for changes to be reflected in the JSTOR institution search.
SAML (Shibboleth, Open Athens):
What is SAML (Shibboleth, Open Athens)?
Security Assertion Markup Language, or SAML, serves as a way for external systems and services to verify that a user is who they claim to be (similar to a personal identification card) in a standardized way. SAML makes single sign-on (SSO) technology possible by providing a way to authenticate a user once and then communicate that authentication to multiple applications for a more seamless digital experience.
Shibboleth is a proprietary single sign-on method that allows users to authenticate via their institutional credentials to access JSTOR. In order for JSTOR to enable access via Shibboleth, we have to belong to the same federation that you do. Here is a list of federations we currently belong to:
- UKAMF (United Kingdom) [metadata]
- eduGAIN (Federation Membership Organization) [metadata]
- InCommon (United States) [metadata]
-
OpenAthens (Multiple Countries) [metadata]
- If you are using Open Athens as your chosen Shibboleth Federation, you can learn more about how to configure it in Access Management: Technical Instructions.
- DFN-AAI (Germany) [metadata]
- Studentnet (Australia) [metadata]
Where can I find my SAML Entity ID information on JSTOR?
To check the SAML Entity ID information in JSTOR's system:
- Log into your individual JSTOR account as an Admin. You will find a tab at the top of the page labeled “Access Methods.” Select this tab.
- Select SAML from the Access Methods page
- Below the SAML tab, there is an open text field to add your Entity ID. Here, you have the option to add your EntityID or simply check which EntityID is already associated with your JSTOR account.
How can I update my SAML information?
If your institution uses eduPersonEntitlement or your institution uses SAML for an alumni subscription, you can add your EntityID in the Remote Access section.
Alternatively, support@jstor.org with the following information to begin the setup process:
- The name of the federation to which you belong
- Your Shibboleth Identity Provider ID (EntityID)
- Your associated SAML Assertion Attributes, and
- The list of campuses (if more than one) served by that ID
If you get an error after entering a SAML EntityID, this may be because it is not found in JSTOR's federation metadata or the formatting is incorrect.
If your institution was recently added to a federation, please wait and try again in 24-48 hours.
VPN (Virtual Private Network):
A VPN is a private network that will allow your users to be authenticated to JSTOR by IP Address(es). With some VPN configurations, you may need to whitelisted additional information to ensure successful authentication.
Contact us if you need to add your VPN's IP address into our system or if your current VPN is not authenticating users.
Remote Username and Password:
This method of access is only available for eligible institutions. If we determine that your institution is eligible, we will issue the remote username and password when we set up your access.
If you have questions about eligibility, or you would like to update the remote username and password for your institution, please contact us.
Authentication Enhancements
Browser pairing
When a researcher visits JSTOR from their campus or organization network (through a proxy or a VPN, for example), their off-campus access from the same browser is recognized by JSTOR for over one year (normally 30 days, currently extended due to COVID-related remote learning needs).
Browser pairing is lost when a browser cookies are cleared; pairing is restored when the user next visits JSTOR via their institution’s network.
Google CASA
We have partnered with Google to support streamlined access for people at institutions that use both JSTOR and Google Scholar, through a free service called Campus Activated Subscriber Access, or CASA. When a researcher visits Google Scholar while logged into a campus network, Google CASA remembers their affiliation and that they should have access to their institution’s licensed resources. This information is stored in a secure token that is valid for 30 days.
During this period, the researcher can access JSTOR without having to log in through their campus network, no matter where they are located. The token is renewed the next time a researcher logs into their network and visits Google Scholar.
Google CASA is GDPR-compliant because it does not capture any personal information about the user, only that they have been granted access to a particular institution’s resources.
If you have more questions about any of this information, let us know.
You must be logged in and have Admin permissions in order to verify or edit Access Methods