We recently updated our privacy policy - a summary of the changes is available in this blog post

Connecting Research and Researchers

Sign in/Register
You are here: Home / Documentation / Workflows / Sharing User Permissions

Sharing User Permissions

This workflow explains how ORCID members can collect permissions from the researchers in one application and use the authenticated iD and permissions in other internal applications where ORCID is required. 

Having your researchers only needing to provide permission to your organization once, saves time for the researcher and can increase the use and availability of ORCID iDs within your organization across the multiple systems. 

This workflow is suitable for organizations that have multiple systems where ORCID is included plus having technical resources available to build a custom integration using the ORCID API.

Example workflow

An example of this workflow could be collecting iDs within your identity management system

  • User is asked by a centralized system (e.g. identity management system) to provide your organization permission to interact with their ORCID iD
  • User chooses to sign in to their ORCID record or register for an ORCID record 
  • User provides permission for your organization to interact with their ORCID record (part of the oauth process)
  • The centralized system stores the users ORCID iD and the permissions that the user has granted your organisation
  • The ORCID iD and the access tokens can then be moved to any other system that your organisation needs to capture ORCID iDs such as your CRIS system, HR or an institutional repository. 
  • Using the ORCID iD and token, individual systems can read/write to and from ORCID records. CRIS systems can push affiliations/works, repositories can push works etc
  • Display the authenticated iD within your systems

We would recommend that you make it clear in your communication and your own documentation the expected workflow. This will ensure that your researchers are aware of your organization’s integration with ORCID and what is expected. 

More information

How do I collect an authenticated ID?

You collect authenticated IDs when you ask a researcher to sign in with their ORCID iD. This process uses a technology called “OAuth” or “SSO” and should be built into your workflow.

See the API Tutorial ‘Get an Authenticated ORCID iD‘ for more details.

How do I request permission to update an ORCID record?

The process to get permission to add or update data on a user’s ORCID record uses OAuth, as described in our 3 Legged OAuth FAQ. Only ORCID members can use the Member API to ask for update permissions. In simple terms it works like this:

  • Your local system creates a special link
  • When clicked, the user is sent to ORCID, signs in and grants permission
  • ORCID sends the user back to your system with an ‘authorization code’
  • Your system exchanges that code for an ‘access token’
  • The access token lets you update the user’s record

How do I add items to an ORCID record?

Items (works, employment, funding, peer review etc) can be added to an ORCID record using the ORCID member API. You need the following:

  • The researchers permission
  • Member API credentials
  • And either:
    • A vendor system that integrates with the ORCID Member API
    • Your own system that integrates with the ORCID Member API

What should I communicate to my users?

To support the social component we offer a toolkit of Outreach Resources to help you develop a campaign to support your integration, and communicate to your researchers:

  • What ORCID is.
  • Why your system collects iDs and how your system will perform tasks, such as updating their records.
  • Why your researchers will benefit by creating an ORCID iD and connecting their iDs to your system.
  • How ORCID benefits the wider, global research community.

We will be continually building out this “library” of resources based on feedback from the community. If you have an idea for something you might like to see, please feel free to contact us.

Why should I collect authenticated ORCID iDs?

Collecting validated ORCID iDs for individuals through the OAUTH process is important. Individuals sign into their ORCID accounts using their registered email address and password or they can create a new account and then authorize your system to obtain their ORCID iD. This ensures you get the correct ORCID iD for the researcher and that the information on that record reflects their research activities (see What’s So Special About Signing In). 

Why should I update ORCID records?

You can help make life easier for your users by connecting validated information to their ORCID records. You will also be helping to build trust in scholarly communications and, by keeping that data up to date, you can reduce the reporting burden for your users and improve data quality. 

ORCID for Research Organisations

In addition to its use as a persistent identifier for your researchers, ORCID can help you take control of how your institution’s name is used across research systems. In combination with other persistent identifiers ORCID enables you to authoritatively assert your staff, faculty, and student affiliations with your institution. You can also use ORCID APIs to receive real-time notifications about research activities, to auto-update forms, and to follow your alumni’s careers.

ORCID for Funding Organisations

By embedding ORCID iDs in your funding workflows, you can reliably connect your grantees and funding programs — and save everyone time and reduce errors caused by manual keying of information. Using ORCID in your system(s), you can play your part in building a trusted research information infrastructure by asserting connections between individuals and the grants you award them.

ORCID for Publishers

Researchers are at the heart of everything that scholarly and research publishers do. Accurate author and reviewer information is vital to indexing, search and discovery, publication tracking, funding and resource use attribution, and supporting peer review.

ORCID serves as an information hub, enabling your authors and reviewers to reliably connect to their contributions, and to share information from their ORCID record as they interact with your publishing systems. Collecting iDs for all your authors and reviewers during the publication process — whether for books, journals, datasets, compositions, presentations, code, or a variety of other works — allows for information to be easily shared, ensures researchers can provide consent to share, saves researchers time and hassle, reduces the risk of errors and, critically, enables researchers to get the credit they deserve for the important work they’re doing.

Technical documentation

More detailed tutorials can be found here.