This workflow explains how ORCID members can collect permissions from the researchers in one application and use the authenticated iD and permissions in other internal applications where ORCID is required.
Having your researchers only needing to provide permission to your organization once, saves time for the researcher and can increase the use and availability of ORCID iDs within your organization across the multiple systems.
This workflow is suitable for organizations that have multiple systems where ORCID is included plus having technical resources available to build a custom integration using the ORCID API.
An example of this workflow could be collecting iDs within your identity management system
- User is asked by a centralized system (e.g. identity management system) to provide your organization permission to interact with their ORCID iD
- User chooses to sign in to their ORCID record or register for an ORCID record
- User provides permission for your organization to interact with their ORCID record (part of the oauth process)
- The centralized system stores the users ORCID iD and the permissions that the user has granted your organisation
- The ORCID iD and the access tokens can then be moved to any other system that your organisation needs to capture ORCID iDs such as your CRIS system, HR or an institutional repository.
- Using the ORCID iD and token, individual systems can read/write to and from ORCID records. CRIS systems can push affiliations/works, repositories can push works etc
- Display the authenticated iD within your systems
We would recommend that you make it clear in your communication and your own documentation the expected workflow. This will ensure that your researchers are aware of your organization’s integration with ORCID and what is expected.
Items (works, employment, funding, peer review etc) can be added to an ORCID record using the ORCID member API. You will need the following:
- The researchers permission
- Member API credentials
- And either:
- A vendor system that integrates with the ORCID Member API
- Your own system that integrates with the ORCID Member API
To support the social component we offer a toolkit of Outreach Resources to help you develop a campaign to support your integration, and communicate to your researchers:
- What ORCID is.
- Why your system collects iDs and how your system will perform tasks, such as updating their records.
- Why your researchers will benefit by creating an ORCID iD and connecting their iDs to your system.
- How ORCID benefits the wider, global research community.
We will be continually building out this “library” of resources based on feedback from the community. If you have an idea for something you might like to see, please feel free to contact us.
You collect authenticated IDs when you ask a researcher to sign in with their ORCID iD. This process uses a technology called “OAuth” or “SSO” and should be built into your workflow.
See the API Tutorial ‘Get an Authenticated ORCID iD‘ for more details.
The process to get permission to add or update data on a user‚s ORCID record uses OAuth, as described in our 3 Legged OAuth FAQ. Only ORCID members can use the Member API to ask for update permissions. In simple terms it works like this:
- Your local system creates a special link
- When clicked, the user is sent to ORCID, signs in and grants permission
- ORCID sends the user back to your system with an ‘authorization code’
- Your system exchanges that code for an ‘access token’
- The access token lets you update the user’s record
Collecting validated ORCID iDs for individuals through the OAUTH process is important. Individuals sign into their ORCID accounts using their registered email address and password or they can create a new account and then authorize your system to obtain their ORCID iD. This ensures you get the correct ORCID iD for the researcher and that the information on that record reflects their research activities (see What’s So Special About Signing I).¬¨‚
You can help make life easier for your users by connecting validated information to their ORCID records. You will also be helping to build trust in scholarly communications and, by keeping that data up to date, you can reduce the reporting burden for your users and improve data quality.
ORCID for Research Organisations
In addition to its use as a persistent identifier for your researchers, ORCID can help you take control of how your institution‚s name is used across research systems. In combination with other persistent identifiers ORCID enables you to authoritatively assert your staff, faculty, and student affiliations with your institution. You can also use ORCID APIs to receive real-time notifications about research activities, to auto-update forms, and to follow your alumni’s careers.
ORCID for Funding Organisations
By embedding ORCID iDs in your funding workflows, you can reliably connect your grantees and funding programs — and save everyone time and reduce errors caused by manual keying of information. Using ORCID in your system(s), you can play your part in building a trusted research information infrastructure by asserting connections between individuals and the grants you award them.
ORCID for Publishers
Researchers are at the heart of everything that scholarly and research publishers do. Accurate author and reviewer information is vital to indexing, search and discovery, publication tracking, funding and resource use attribution, and supporting peer review.
ORCID serves as an information hub, enabling your authors and reviewers to reliably connect to their contributions, and to share information from their ORCID record as they interact with your publishing systems. Collecting iDs for all your authors and reviewers during the publication process — whether for books, journals, datasets, compositions, presentations, code, or a variety of other works — allows for information to be easily shared, ensures researchers can provide consent to share, saves researchers time and hassle, reduces the risk of errors and, critically, enables researchers to get the credit they deserve for the important work they’re doing.
I have developed my integration using the Sandbox, how do I get Production member API credentials?
Member organizations request ORCID Member API credentials on the production (live) server by completing the Production Member API client application form. Before issuing production Member API credentials, the ORCID Engagement team will review a demo of your integration in the ORCID sandbox. This gives us a chance to see the great integrations you have built and offer workflow improvements, as well as check that all integrations meet our best practices.
To provide a demo of your system you’ll need to set up a working integration with the ORCID sandbox that the ORCID team can preview. There are a few ways to share your working sandbox integration:
- Recommended: Live demo: Contact us to schedule a live demonstration. We’ll provide meeting software that allows you to share your screen for you to demo your integration. This also gives us an opportunity to learn more about how your system works, and how you‚re explaining the benefits of your ORCID integration, so we can provide better support for you and your users.
- Test site: If your development site is public, send us the URL along with test credentials (if needed) to access your system and instructions describing how to use your system’s ORCID features. Provide additional documentation to verify what we would not be able to see from the user end, e.g. API version used, what data is stored by your system, etc.
- Screencast or screenshots (recommended for ORCID-enabled systems which require a demonstration): Send a recording or a set of screenshots with descriptions clearly explaining and demonstrating how your integration works at each step, including what happens if a user denies access or disconnects their iD. Be sure to provide additional documentation to verify anything we would not be able to see from the user end, such as API version used and how data is stored.¬¨‚
If you are using one of the ORCID-enabled systems that does not require a demonstration, you can directly request production Member API credentials. Be sure to specify which system (and, if applicable, version) you’re using in the notes.
More detailed tutorials can be found here.