EPrints Technical Mailing List Archive

Message: #07396


< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

Re: [EP-tech] ORCID Support Advance Update


I think, ultimately, the situation you described previously:

 

I was reading this:
https://support.crossref.org/hc/en-us/articles/214567746-Authors-and-editors
recently - and wondering what the 'authenticated="true"' attribute
actually meant - and how the this assertion should be passed between
systems.

 

Makes a lot of sense and something along the lines of the display mechanism (from another previous discussion) shown here:

Authenticated: https://dblp.uni-trier.de/pers/hd/b/Bizer:Christian

Unauthenticated: https://dblp.uni-trier.de/pers/hd/b/Baierer:Konstantin

 

for entries we don’t explicity trust would be workable, with ORCID agreement.  Perhaps even a 3? level trust status – “Locally Authenticated with ORCID”, “Directly from a Trusted 3rd Party” (e.g. DOI), “Derived from metadata”  or something like those, so it is clear what level of trust can /should be put in the data.

We’re probably then in the realms of “who decides which 3rd Parties to trust”, but at least then we’re not throwing away potentially valuable data, or having to create local user records for all authors with an ORCID in our systems.

 

In my head, if I pull a metadata record from e.g. Whiterose (cheers John!) which has a bunch of Locally Authenticated ORCIDS, I can include them as “Directly from a Trusted 3rd Party”. Anything Whiterose has as Directly from a Trusted 3rd Party could be downgraded for me as “Derived from metadata” (or I could go and get the data from DOI directly myself), and I can add any ‘Locally Authenticated’ for my own ‘connected’ user authors.

 

Any thoughts?  It seems worth an attempt at consensus amongst ourselves to then present a workable solution to ORCID for future improvements.

 

Alan

 

 

From: eprints-tech-bounces@ecs.soton.ac.uk [mailto:eprints-tech-bounces@ecs.soton.ac.uk] On Behalf Of Will Fyson
Sent: 03 August 2018 11:17
To: eprints-tech@ecs.soton.ac.uk
Subject: Re: [EP-tech] ORCID Support Advance Update

 

To clarify, repository users do only have to connect their repository account to their orcid just the once, but I appreciate this is still a hurdle for busy academics and VIPs. And, as you say, for records with hundreds of authors where the record may be deposited in hundreds of repositories, emailing the external authors is not a sustainable solution!

The problem I think is ultimately described at https://members.orcid.org/api/member-api-credentials-check-list in the 'Mandatory Requirements' section, which explicitly prevents users from typing in ORCIDs. With this in mind I think the only options are to ask ORCID to change the requirments for using their member API (but this then erodes trust in their system) or we only allow external author ORCIDs to be added from other trusted systems, such as via a DOI (which will be possible when EPrints is better at storing where particular items in the metadata came from).

Will


 


From: Philipp Zumstein [philipp.zumstein@bib.uni-mannheim.de] Sent: 03 August 2018 07:18 To: Eprints-tech Subject: Re: [EP-tech] ORCID Support Advance Update

Thank you all for the helpful comments to understand better how the 
trigger is technically working. I share some concerns about the 
practical workflows similar to Jan when it comes to importing from ORCID 
to our repository:
 
- The additional work with ORCID in our repository for our professors or 
other VIPs has to be minimal for them, e.g. 3-4 clicks. They certainly 
don't want to authenticate all the time or receive a tons of emails. 
Some of them are currently not personally adding publications in our 
repository, but that is rather a job for their secretaries. Moreover, we 
plan to add more data directly by our librarians.
 
- I completely understands that ORCID wants to control and ask for 
authentification about the data which is saved in their database, i.e. 
the data which is exported from the repository to ORCID. But I don't 
see, why they want to restrict the information which we save in our 
repository. The DOIs, ISBNs and ISSNs we add in our repositories are 
also not authenticated by the publishers or authors. Moreover, I can add 
my ORCID to my website or add it as part of my email signature by just 
copy and paste the number without any authentication.
 
- Sending emails to all authors for authentication sounds horrible. 
Imagine for example a paper with 1.000+ authors (e.g. from high energy 
physics) which ideally is saved in the repository of every author, which 
then would result in a huge amount of emails together. There is no 
incentive for the researchers to answer these emails and I guess that 
they would just categorized them as spam.
 
Best regards,
Philipp
 
 
Am 02.08.2018 um 14:10 schrieb Jan Ploski:
These are very good points, John. I asked about this a while ago after
an ORCID webinar at JISC, and there were no answers.
 
The whole idea of "author-authenticated entry of ORCID iDs" seems rather
misguided - like a short-sighted "overkill" technical solution to what
is an organizational and data quality control problem. Just because you
can do certain things using OAuth doesn't mean it's a good idea.
 
In our repository much data entry is done by editorial staff, not by the
authors themselves. We don't want to bother our authors (and much less
external contributors) by email just to "sign off" the entry of their
ORCID iD. This reeks of bureaucracy and would undoubtedly make it LESS
appealing to integrate with ORCID. Needless to say, we won't use a
plugin which forces that sort of workflow upon us.
 
Add to this that authenticating just ORCID iDs alone does not really
solve the data quality problem - just like one can make a data entry
error in an ORCID iD, one can also make an error in an email or really
any part of metadata - which obviously won't be automagically verified
by ORCID or the author who confirms just that their iD is correct. In
the end, the truth content of metadata is based on human dilligence and
trust in quality control measures undertaken by the repository, not by
some central external identity management system - which also
constitutes a single point of failure from a distributed systems
management viewpoint, and is a nuisance to repository users who now have
to log in not just to the repository, but also to ORCID.
 
In short, verifying by automatic lookup or some such that the ORCID iD
entered is correct, is great, forcing authors to act as plugins to the
data entry system really is not.
 
On 08/02/2018 12:32 PM, John Salter wrote:
This naturally poses a problem for storing ORCIDs for external authors,
but in my experience most repositories are happy storing ORCIDs for just
their own users.
 
  
 
This concerns me. We (repository developers) shouldn't be encouraging a
blinkered approach to ORCIDs (or other persistent identifiers).
 
You wouldn't exclude a DOI for a paper if it wasn't minted by your
institution - so why would you choose to discard ORCIDs for non-local
members?
 
  
 
If the ORCID has come from a trustworthy upstream system (e.g. CrossRef,
PubsRouter), then the ORCID should stay with the author.
 
Local ORCIDs can supplement this data - so a record harvested from your
repository is 'improved'.
 
  
 
I was reading this:
https://support.crossref.org/hc/en-us/articles/214567746-Authors-and-editors
recently - and wondering what the 'authenticated="true"' attribute
actually meant - and how the this assertion should be passed between
systems.
 
If a **trusted** upstream system states that an ORCID is authenticated -
can we as a consumer of that data also state that the ORCID is
authenticated when relaying data from our system?
 
  
 
The ORCIDs should be seen as an 'additive' set of data - if your system
can state that an author now has an ORCID - do it.
 
Just don't throw away data that already exists for non-local authors.
 
  
 
Cheers,
 
John
 
  
 
*From:*eprints-tech-bounces@ecs.soton.ac.uk
[mailto:eprints-tech-bounces@ecs.soton.ac.uk] *On Behalf Of *Will Fyson
*Sent:* 02 August 2018 10:59
*To:* eprints-tech@ecs.soton.ac.uk
*Subject:* Re: [EP-tech] ORCID Support Advance Update
 
  
 
Hi Tomasz,
 
The ORCID Support Advance plugin does only allow ORCIDs to be stored
against creators/editors if they can be matched to a user via the
'Email' column in all circumstances (to facilitate the read-only nature
of the field). Therefore ORCIDs added through use of the ORCID Support
plugin are affected by this too.
 
When we've been installing the Advance plugin on repositories we've been
encouraging administrators to tidy up their ORCID data so that the
ORCIDs stored are matched with user profiles. This naturally poses a
problem for storing ORCIDs for external authors, but in my experience
most repositories are happy storing ORCIDs for just their own users.
 
If an email isn't present in the creator/editor field, but an ORCID is,
the ORCID would be removed the next time the EPrint is recommitted. The
ORCID Support Advance plugin contains a pre-commit trigger that updates
the ORCID field based on the email column to help keep the record up to
date. These triggers are disabled by default when the plugin is
installed however to prevent any accidental erasing of data by
installing the plugin. (the fields are read-only upon installing the
plugin however and so until the triggers are re-enabled the content of
the creator/editor ORCID fields is essentially fixed.)
 
I hope this helps answer your questions!
 
Many thanks,
 
Will
 
 
 
  
 
------------------------------------------------------------------------
 
*From:* Tomasz Neugebauer [Tomasz.Neugebauer@concordia.ca
<mailto:Tomasz.Neugebauer@concordia.ca>] *Sent:* 01 August 2018 17:50
*To:* Eprints-tech *Subject:* Re: [EP-tech] ORCID Support Advance Update
 
Hi everyone who has installed the ORCID Support Advance plugin, Will…
 
  
 
I am still looking to get a clearer picture of what I can expect to
happen when I install the ORCID Support Advance plugin on top of the
ORCID Support plugin that we currently have working.
 
  
 
What will happen to the ORCID ID’s that we have already collected in the
author field of publications?
 
  
 
The description from Will below about ORCIDs from a DOI import says this:
 
“, the ORCID field uses the creator/editor 'Email' column to lookup user
profiles in the repository that have connected to orcid.org so that the
creator/editor ORCID field can be verified. As such any ORCID added via
a DOI import, might then be erased if the user profile lookup cannot be
made. “
 
  
 
Does the above also apply to any ORCIDs that we have been collecting
using the ORCID Support plugin?
 
  
 
I don’t think that our depositors have been diligently filling in the
email column in the author field during the deposit process, does that
mean that the user profile lookup will fail and the ORCID will be
deleted for any author that doesn’t have an email listed in the author
column?
 
When does this deletion happen, during indexing? Is there any way to
prevent it from happening?
 
  
 
Thanks so much for any insight or advice on this is really appreciated.
 
  
 
Tomasz
 
  
 
  
 
  
 
  
 
  
 
*From:*eprints-tech-bounces@ecs.soton.ac.uk
<mailto:eprints-tech-bounces@ecs.soton.ac.uk>
<eprints-tech-bounces@ecs.soton.ac.uk>
<mailto:eprints-tech-bounces@ecs.soton.ac.uk> *On Behalf Of *Will Fyson
*Sent:* July 11, 2018 10:16 AM
*To:* eprints-tech@ecs.soton.ac.uk <mailto:eprints-tech@ecs.soton.ac.uk>
*Subject:* [EP-tech] ORCID Support Advance Update
 
  
 
Hi Everyone,
 
A couple of minor updates have been applied to the ORCID Support Advance
plugin, bringing it up to version 1.3.2.
 
The updates are only very minor, fixing issues where the plugin was
generating a few too many messages in the indexer and error logs. A
Change Log documenting these most recent changes is available at
https://wiki.eprints.org/w/ORCID_Support
 
Regarding the discussion a couple of emails above in the EP-Tech list
("Import by DOI in ORCID plugin"), a new DOI imported that takes ORCIDs
into account is not available at present. Due to the requirements that
the ORCID field must be readonly when connected to the member API so
that ORCIDs can only be added via an authoritative source, the ORCID
field that is added to the creator/editor tables cannot be edited.
Therefore to stop values from being entered, which then later cannot be
removed, the ORCID field uses the creator/editor 'Email' column to
lookup user profiles in the repository that have connected to orcid.org
so that the creator/editor ORCID field can be verified. As such any
ORCID added via a DOI import, might then be erased if the user profile
lookup cannot be made.
 
This is an issue we're looking into resolving however and so hopefully
we should have some updates on it in the future!
 
Many thanks,
 
Will
 
 
 
 
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
 
*** Archive: http://www.eprints.org/tech.php/
 
*** EPrints community wiki: http://wiki.eprints.org/
 
*** EPrints developers Forum: http://forum.eprints.org/
 
  
 
 
 
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/
*** EPrints developers Forum: http://forum.eprints.org/
 
 
*** Options: http://mailman.ecs.soton.ac.uk/mailman/listinfo/eprints-tech
*** Archive: http://www.eprints.org/tech.php/
*** EPrints community wiki: http://wiki.eprints.org/
*** EPrints developers Forum: http://forum.eprints.org/
 
 
 

 

-- The Open University is incorporated by Royal Charter (RC 000391), an exempt charity in England & Wales and a charity registered in Scotland (SC 038302). The Open University is authorised and regulated by the Financial Conduct Authority in relation to its secondary activity of credit broking.