indico icon indicating copy to clipboard operation
indico copied to clipboard

Published 20 hours ago verified publisher icon indico

Possibility to link profile with ORCID identity

Open pferreir opened this issue 9 years ago • 10 comments
trafficstars

E.g. http://orcid.org/0000-0002-5766-4698

This could be as simple as a field in the user profile. Would make sense once we have public profiles.

See also #936.

pferreir avatar Jul 15 '16 12:07 pferreir

Does ORCID support Avatar pics?

nop33 avatar Jul 15 '16 12:07 nop33

@pferreir Feel free to drop me a line if you need to know how we have dealt with it in Zenodo. ORCID normally recommends that you have to go through oauth flow in order to obtain an ORCID for a given user.

lnielsen avatar Jul 15 '16 12:07 lnielsen

@lnielsen thanks for the offer! Sure, I'll bug you when the time comes 😉

pferreir avatar Sep 20 '16 12:09 pferreir

Does ORCID support Avatar pics?

I don't think so. Anyway, the idea of the ticket would be just to have a field where people can specify their ORCID identity. But I guess that if we have to go through OAuth to confirm that, then it gets more complicated.

pferreir avatar Sep 20 '16 12:09 pferreir

Using OAuth to perform the linking actually sounds like a good idea. That way we don't need a free-form field but can just have a "link orcid" button and then show the ID with the option to unlink afterwards

ThiefMaster avatar Sep 20 '16 12:09 ThiefMaster

Pinging @matason too, since I believe he's interested in following up.

pferreir avatar Sep 20 '16 16:09 pferreir

May I ask on the current status of this?

ChristianTackeGSI avatar Jul 13 '22 12:07 ChristianTackeGSI

This is not something currently under development or on the roadmap for a particular release. Still something that would be nice to have at some point though! Even though without having some kind of public profile, where would it be displayed? Only in metadata (e.g. JSON exports)?

ThiefMaster avatar Jul 13 '22 12:07 ThiefMaster

Some events use abstract submission via indico and allow linking the authors via indico accounts. So having the ORCID available for the final publication / etc might be useful.

When submitting some abstract I thought "Okay, I would like to put my ORCID there, just in case". Nothing important / etc.

So I found this issue and thought "okay, let's see, how things are going".

Thanks for your super fast reply!

ChristianTackeGSI avatar Jul 13 '22 12:07 ChristianTackeGSI

@ChristianTackeGSI this would indeed be very useful. It would enrich the metadata and allow Indico to display a link to the author's ORCID profile. As @ThiefMaster said, it's not on the immediate release plan but definitely something we would totally be willing to discuss if someone would like to contribute some development time towards it.

pferreir avatar Aug 25 '22 07:08 pferreir

I took a look at your db model about this.

Instead of adding an orcid field to the users table, what about having orcid be represented using the Identity objects? I don't know, what happens, if orcid gets "just" added as another oauth/oidc provider? Will Identity.provider == "orcid" and Identity.identifier contain the real orcid?

ChristianTackeGSI avatar Apr 06 '23 11:04 ChristianTackeGSI

Yes, this would be the case if you added orcid as an identity provider and configured it so the identifier is the actual orcid.

This would be quite a bit away from making it a first-class citizen (for example I would not want to rely on this in case we want to use orcids somewhere in indico itself), but for something custom, possibly in combination with a custom plugin that makes use of it? Not a bad idea!

ThiefMaster avatar Apr 06 '23 11:04 ThiefMaster

Well, a first class citizen would also use an auth/oidc flow to verify the orcid, right? So I don't understand the difference, really? Except:

  • The "first class" implementation would not allow orcid as a "login provider" (but then one maybe could configure identity providers for not being allowed as a login option?)
  • The first class implementation would have a User.orcid attribute that places could use to render a link / etc, right? But that could be handled by a db.relationship with something like Identity.provider == "orcid" and Identity.user_id == id maybe? (I haven't used sqlalchemy for a long time…)

ChristianTackeGSI avatar Apr 06 '23 13:04 ChristianTackeGSI

Yes, I full agree that it would need to use oauth to link it or receive a trusted value from outside (e.g. sso/ldap/etc. that already has it). And I just want to avoid any more special identity provider names (beyond the one for local indico account logins).

IMHO the difference is that one would be related to logging in and one would just be getting a piece of (trusted) metadata.

FWIW another reason that (currently) speaks against using the Identity stuff: We do not have a "link other account" while logged in. Currently this only happens when you log out and then log in with another method that has the same email (if emails match we show the "add identity to existing account" prompt).

ThiefMaster avatar Apr 06 '23 13:04 ThiefMaster

avoid any more special identity provider names

I fully understand that!

It just was a random thought while looking at the db models…

IMHO the difference is that one would be related to logging in and one would just be getting a piece of (trusted) metadata.

I think, that difference is already getting weakened by the SSO providing other metadata that can be synced.

Getting the orcid from the SSO (this might work for CERN, I guess, because the SSO has that link orcid button already) would be combining the things anyway? Or people using ORCID as their SSO?

Anyway: It just was a random thought to maybe re-use as much infrastructure as possible to get closer to this.

ChristianTackeGSI avatar Apr 06 '23 13:04 ChristianTackeGSI