« Back to User Experience

One-stop login (single sign on) for library online services

Ottawa Public Library
Go to Website

Innovation Summary

Using custom and open-source code, we merged an authentication system between BiblioCommons, Drupal and Ezproxy to permit unified logged-in access to our catalogue, our e-book vendor and our licensed databases.

Problem Statement

We wanted to implement single-sign-on authentication for our library customers that would allow customers unified access to the logged-in features of our catalogue discovery layer (BiblioCommons), our library website, our Overdrive digital media collection and our licensed databases. We felt it was imperative to improve the user experience by removing multiple authentication gateways to allow customers to move more seamlessly between the library’s online services. We were constrained by a lack of direct access to our Symphony ILS database for authentication and by a lack of a public-facing SIP (Standard Interchange Protocol) connection for API-based customer logins and logouts. The master authentication source needed to be BiblioCommons in order to allow customers to partake in social media activities (item reviews, comments, etc.). Working with BiblioCommons, we contracted them to write an authentication module for use with the Drupal content management system that would create a dual authenticated session with both the catalogue and website.


By using BiblioCommons as the master authentication database for our library website, we were able to extend single-sign-on access to e-books and databases by using the community-contributed Ezproxy module for Drupal. Proxied access to licensed databases and e-books was then controlled by the BiblioCommons-Drupal sign-on process, and we wrote some bridging code to ensure that customers authenticating directly to the Ezproxy gateway would also launch authenticated catalogue and website sessions at the same time. We were thereby able to achieve single sign on for the library in the absence of an authentication module available directly from our ILS or an overarching authentication scheme such as Microsoft’s Active Directory or the open source Shibboleth project.


Before launching this single sign on system with a new website in April of 2010, we found that the majority of website visitors bounced immediately to the library catalogue to carry out their library business. Since then visitors have been able to log in and to see their account information directly on the website, which has reduced the bounce rate for external visitors from 60% to about 25%. At the same time that we included the user’s catalogue account details on the website we added a link to allow the user to pass directly to the Overdrive account page without an additional authentication step, which has helped reduce the friction in the user experience between physical and digital collections. We have also introduced specific database links into the catalogue as related search results in a sidebar, so that, for example, searches for popular historical figures retrieve a sidebar link to Biographical Resource Centre. With a single sign on system in place we are able to more effectively cross-promote different kinds of online services that otherwise remain stovepiped within separate vendors’ portals.