What's in this article:
We are able to support referring URL as an authentication method under the following circumstances:
- The referring URL must be password-protected, meaning users must authenticate in some way in order to gain access to the referring page, via username and password, library number, barcode ID or similar.
- Users do not have security software on their computers (personal firewalls and the like) that strips the referrer information from the headers. In these cases, referring URL authentication will not work.
- Sometimes library server configurations on a website result in the HTTP referrer header not being sent. If this is the case on your website, then referring URL authentication will not work for any users.
If these conditions work for you, then all we need is the referring URL, i.e. the URL of the page that includes the link to JSTOR. Referring URLs often look something like:
Please note that referring URL is not a fully-secure authentication method as the referrer can be manipulated in the HTTP header (at least one Firefox extension exists to do just this). It is important that participating institutions ensure that only authorized users are allowed access to JSTOR. Please contact JSTOR Support for assistance with setting up referring URL authentication for your institution.
If you use EZproxy for remote access, you'll likely need to set obtain, install and configure an SSL certificate. There are instructions on how to do this on the OCLC site. You'll also need the JSTOR database definition, found below.
JSTOR database definition for EZproxy:
If your institution uses OpenAthens and you haven’t yet added JSTOR as a resource, you’ll need to set it up in your OpenAthens administrator interface in order to access JSTOR from this service.
What you need to do:
- Log into the OpenAthens administrator interface at https://admin.openathens.net.
- Select Resources > Permission sets
- Click on the permission set that you want to change and then click on the Attributes tab (NB: the Role should already be set to ‘member’. If it is not, you should take this opportunity to set it to ‘member’).
- Click on the ‘Add a resource’ button, type JSTOR into the dropdown field and then select the JSTOR item that appears:
- Enter this text into the text box underneath JSTOR: urn:mace:dir:entitlement:common-lib-terms
- If your permission set attributes now look like this, click on ‘Save changes’:
- This will add the new JSTOR access point to your permission set automatically.
- Please be sure to contact us at firstname.lastname@example.org with your organization’s federation Entity ID information. You can find this information in the OpenAthens administration interface by clicking on Management in the menu bar and then selecting Organization & Entity IDs.