..
This file is part of Invenio.
Copyright (C) 2017-2018 CERN.
Invenio is free software; you can redistribute it and/or modify it
under the terms of the MIT License; see LICENSE file for more details.
================
Login with ORCID
================
`ORCID `_ provides a persistent identifiers for researchers
and through integration in key research workflows such as manuscript and grant
submission, supports automated linkages between you and your professional
activities ensuring that your work is recognized.
This guide will show you how to enable your users to login with their ORCID
account in Invenio. The underlying authentication protocol is based on OAuth
which is the same used for enabling other social logins (like login with
Twitter, Google, etc).
ORCID API credentials
---------------------
In order to integrate your Invenio instance with ORCID the first step is to
`apply for a client id/secret
`_ to access the
ORCID Sandbox.
Please, follow the official ORCID documentation for this part.
After successful application for an API client application key you should
receive in your inbox an email with your ``Client ID`` and ``Client secret``.
You will need this information when configuring Invenio in the next step.
Redirect URI
~~~~~~~~~~~~
After a user have authenticated on the ORCID site, the user will be redirected
to a given page on the Invenio side. ORCID requires you to provide a list of
authorized URI prefixes that could be allowed for this redirection to happen.
Depending on the ``SERVER_NAME`` used to configure the Invenio installation,
you should fill this parameter with::
https:///oauth/authorized/orcid/
Configuring Invenio
-------------------
In order to enable OAuth authentication for ORCID, just add these line to your
``var/instance/invenio.cfg`` file.
.. code-block:: python
from invenio_oauthclient.contrib import orcid
OAUTHCLIENT_REMOTE_APPS = dict(
orcid=orcid.REMOTE_SANDBOX_APP,
)
ORCID_APP_CREDENTIALS = dict(
consumer_key="",
consumer_secret="",
)
where the client id and client secret are those provided by ORCID in the
previous step.
If you can now visit:::
https:///login
you will be able to see ORCID authentication enabled:
.. image:: /_static/orcid-login.png
:width: 500 px
Sign-up on first login
~~~~~~~~~~~~~~~~~~~~~~
The first time a user try to login with ORCID, they will be required to provide
a username and email address. This is because ORCID does provide this
information and it is required by Invenio in order to register an account.