Editor’s note: Today’s post is by Amanda Ferrante, Principal Product Manager for Identity & Access Management at EBSCO Information Services.

Recently, my work has brought me into closer collaboration with the research and education identity federation community, including federation operators, university identity and access management (IAM), and security leaders.

During a recent discussion about service providers in identity federations, the conversation turned to the platforms through which researchers discover and access licensed scholarly content. Many of these platforms were not widely recognized by those in the room, despite being ubiquitous in libraries worldwide.

Someone then asked a practical question: does EBSCO use services such as SeamlessAccess as part of its institutional login experience?

The answer is no. While EBSCO supports federated authentication globally, its login experience cannot assume that every library uses federation as its primary access method. Explaining why led to a broader discussion about how researchers access licensed scholarly content.

Decorative image of two groups of people approaching each other over a chasm, ready to shake hands.

Platforms serving the library ecosystem operate in environments where multiple authentication approaches coexist, and federation participation does not result in routine use.

Services such as SeamlessAccess help users consistently identify and authenticate to their institution across platforms. But they depend on underlying authentication pathways being available and configured for use. Where access still relies heavily on IP recognition or other legacy methods, a federation-centered experience alone cannot consistently connect researchers to institutionally licensed content.

Working across both the federation and library communities provides a useful vantage point. Both share a common goal: enabling researchers to access scholarly resources reliably, securely, and with appropriate respect for privacy.

Federated identity infrastructure was designed to support exactly that. So why isn’t it used more frequently for library access? To explore this, I examined authentication patterns across publisher and aggregator environments.

What the Data Shows

Cross-market data on how researchers authenticate to scholarly platforms is limited. To quantify patterns, I analyzed three sources: publisher-reported authentication distributions, authentication activity across EBSCO platforms, and federation configuration data from EBSCO customer environments.

Across publisher platforms, IP-based access remains dominant. Anonymized, aggregated data reported for publishers hosted on the Atypon platform show that for many journals, more than 95% of access events occur through IP recognition, with federated authentication accounting for only a small share of traffic.

The aggregator use case reflects a more varied picture. Across EBSCO platforms — a large-scale scholarly discovery and access environment serving tens of thousands of libraries globally — approximately 55% of activity is associated with IP recognition, 17% with single sign-on (either bilaterally connected or via an identity federation), and the remaining 28% distributed across a range of legacy and URL-initiated authentication methods.

These patterns show that while IP-based access remains foundational, libraries have not consistently adopted federated single sign-on (SSO) as the default pathway for remote, off-network access. This influences whether researchers successfully reach subscribed content.

Evidence from authentication migrations suggests that when SSO becomes the primary pathway for remote access, more entitled researchers successfully reach subscribed resources, revealing activity that may not have been captured through legacy access models. Across 1,400 institutions that transitioned to SSO authentication between April 2024 and April 2025, EBSCO observed a median 23% increase in authenticated logins, alongside substantial increases in researcher engagement.

While these figures reflect aggregated platform activity rather than controlled experiments, they mirror patterns observed during the COVID-19 pandemic, when libraries reported usage declines without effective remote access pathways, while publishers saw rapid increases in federated access adoption, as described in Why Federated Access Matters: One Library’s Pandemic Story and Seamless Remote Access During a Global Pandemic: An Indispensable Necessity.

The clearest gap between federation availability and operational use appears in federation configuration data. EBSCO is registered as a service provider across identity federations that collectively list more than 13,000 identity providers worldwide. Most correspond to institutions whose libraries subscribe to EBSCO services.

Even so, only a portion are configured for authentication in EBSCO customer environments, and fewer are routinely used by researchers — across federation-enabled EBSCO customers, fewer than 30% use federation for e-resource access. Among the remaining libraries, some rely on library-specific federation middleware, while many continue to use other legacy access models rather than federation-based SSO.

In other words, the technical infrastructure required to support federated authentication to scholarly resources already exists across much of the ecosystem, but is only partially activated.

These patterns challenge the hope that federated identity, once available, will naturally become a default component in the library access model. In practice, adoption does not follow from availability. This gap has practical consequences: whether researchers reach subscribed content increasingly depends not on entitlement, but on how content is discovered and how users are prompted to authenticate.

Where the Gap Emerges

Federated identity frameworks were developed to support a broad range of academic use cases. However, scaled adoption for licensed e-resource access has remained difficult across the scholarly ecosystem. The challenge has been less about technical capability and more about the absence of a broadly adopted baseline for implementation and cross-sector coordination.

Federation participation and implementation practices mostly evolved alongside institutional IAM, research, and enterprise access workflows, where identity integration and centralized governance models were often already well established.

Library access often operates differently from other institutional access scenarios. Libraries serve broad and variable populations — including students, faculty, alumni, and walk-in users — and the primary requirement is often to establish institutional affiliation and entitlement to licensed content while minimizing unnecessary disclosure of personal information.

In many environments, responsibility for enabling federated access spans organizational boundaries that do not always share the same priorities, tooling, or visibility into authentication workflows. Libraries may depend on central IT teams for identity integration while also navigating workflows and licensing practices where legacy access mechanisms are deeply embedded. As a result, the challenge is also distributed across multiple stakeholders. Libraries, institutional IAM teams, publishers, service providers, and federation operators often approach scholarly access from different governance and implementation perspectives.

Survey responses from academic libraries whose institutions participate in identity federations — but which do not currently use federated SSO for access to e-resources — provide additional context. In a targeted survey distributed by EBSCO to library contacts across the Australian Access Federation, Canadian Access Federation, InCommon, and Tuakiri federations, 87% of respondents indicated awareness that their institution participates in an identity federation and could support federated SSO. Despite this, respondents described continued reliance on established access models and identified a consistent set of barriers to broader SSO adoption.

When asked to identify their primary reason for not using federated SSO, configuration and implementation effort was cited by 22% of respondents, followed by incomplete support for all user groups such as alumni (19%), reliance on coordination with campus IT teams (19%), and concerns around user data sharing (17%).

These responses reflect awareness of federation participation, but limited confidence that implementation would work within their library’s operational realities.

How This Gap Shapes Access Today

Library access workflows reflect a mix of legacy approaches, local configuration, and vendor variation.

The resulting challenges — particularly for remote users — are well documented, including through the RA21 initiative and subsequent SeamlessAccess efforts, which helped bring broad attention to fragmented access workflows, inconsistent institutional discovery, and user abandonment during authentication. These efforts improved important aspects of the user experience for institutions that have adopted federated authentication for remote access. In doing so, they also highlighted that access challenges persist in environments where federated authentication is not routinely used.

In practice today, user outcomes continue to diverge: some users successfully reconnect to their institution and reach subscribed content, while others still encounter paywalls or abandon the process entirely. These failures are often silent. Unsuccessful attempts are not captured in authentication data, appearing instead as reduced usage — making access barriers difficult to see and even harder to diagnose. While these challenges to the user experience are widely recognized, the dynamics that sustain them are less often examined.

Federated identity enables location-independent access, privacy-preserving institutional identification, and standardization that scales. However, when federated access is experienced as overly complex or misaligned with library operations, institutions often lean on established approaches.

Over time, this perpetuates a cycle: as identity and federation practices evolve to address increasingly complex challenges across academia, e-resource access workflows in environments where SSO is not already the default can remain difficult to operationalize consistently at scale. This is particularly true where libraries and publishers have not consistently participated as core stakeholders in federation dialogue and implementation efforts.

The effects extend beyond the library itself. Privacy and data sharing decisions are often made at the platform level rather than through a coordinated institutional approach. Access is also frequently maintained outside institutional identity and cybersecurity programs designed to manage risk, limiting visibility into misuse and complicating response to bot attacks or other threats.

Ultimately, the challenge is not primarily technological, but organizational: aligning implementation practices, participation models, and cross-sector coordination consistently with the practical requirements of e-resource access.

Why This Moment Is Different

Scholars increasingly encounter content through open web pathways and AI-assisted discovery tools, rather than beginning within library-managed environments. Many authentication models still common across scholarly publishing are therefore increasingly misaligned with how research actually happens.

At the same time, institutional investments in security, governance, and identity infrastructure are accelerating. Expectations around visibility, accountability, and policy alignment are extending across more parts of the academic environment — including areas that have historically operated outside of them. Growing focus on research integrity and identity assurance further highlights broader institutional reliance on shared identity infrastructure.

As a result, ecosystem conversations are also beginning to converge, with libraries, service providers, federations, publishers, and institutional IAM teams engaging more directly around shared concerns. This convergence offers an opportunity to ask a key question: how can federated identity be broadly applied to licensed e-resource access in a way that aligns with how research discovery and institutional identity practices now operate?

In many scholarly e-resource access scenarios, the primary requirement is not detailed personal identity information, but reliable institutional affiliation with minimal and privacy-respecting attribute exchange. The goal is typically to establish entitlement to licensed content while minimizing unnecessary user friction and data disclosure.

The opportunity, then, is to define a proportional baseline that enables consistent, secure access that is achievable across the scholarly ecosystem. In this context, proportionality means aligning implementation expectations with the practical realities of libraries and publishers operating across a wide range of technical and organizational environments.

A Practical Next Step

The question is no longer whether federated identity can support library access — the infrastructure already exists. Existing federation frameworks and entity categories already provide important foundations for privacy-preserving, affiliation-based access. However, their availability alone has not resulted in broad or consistent implementation across the library e-resource ecosystem.

The next phase depends on codifying clear, achievable implementation guidance and patterns that enable federation to function as a routine and trusted access model for licensed scholarly resources. In practical terms, this means defining shared expectations and implementation approaches that libraries, publishers, service providers, federations, and institutional IAM teams can rely on when enabling access.

Developing this baseline requires collaboration across these communities. Anchoring the effort in the core use case of e-resource access will help ensure that concerns shaping authentication decisions — including privacy, attribute release, operational burden, interoperability, and reporting — are addressed in a proportional and implementable way. The goal is not to redesign federation, but to leverage its existing strengths while making participation for e-resource access more achievable and scalable across the scholarly ecosystem.

A practical next step is to convene a cross-ecosystem initiative to define this baseline. Success depends on active representation from the stakeholders responsible for how scholarly access actually works. Libraries and publishers, in particular, must participate directly alongside identity and federation leaders in shaping implementation approaches and operational expectations. Without this kind of cross-sector coordination, implementation gaps will persist — gaps that our community has already concluded risk researchers failing to reach scholarly content. The infrastructure to prevent that already exists. What remains is working together to scale it to the e-resource ecosystem.

Author’s note: I independently drafted this paper to synthesize my original research, analysis, narrative, and conclusions, drawing on qualitative and quantitative findings as well as conversations with industry peers. After the draft was complete, I used ChatGPT to assist with editing and language refinement. I then extensively reviewed and revised the output, incorporated feedback from colleagues and collaborators, and finalized the paper for publication.

Amanda Ferrante

Amanda Ferrante

Amanda Ferrante is a Principal Product Manager for Identity & Access Management at EBSCO Information Services, where she focuses on improving how researchers access scholarly resources while supporting scalable, secure administration for libraries and research institutions. Her work is grounded in the needs of organizations navigating privacy, security, and user experience in a rapidly evolving access landscape.

Discussion

Leave a Comment