Announcing ORCID's Permissions Pre-Authorization Technical Working Group

Tom Demeranville's picture

UPDATE October 2018: Following feedback from our Trust Working Group and subsequent discussions with the ORCID Board, we will not be offering a permissions pre-authorization workflow. Instead, our focus will be on working with third party service providers to make it easier for researchers to connect information to their ORCID records -- including investigating alternative approaches to helping researchers connect with relevant services -- and to ensure that the source of that information is transparent. The Permissions Pre-Authorization Technical Working Group has, therefore, been disbanded - we thank the group members for their service.

Connecting researchers with their research activities is at the heart of what we do here at ORCID, and we’re always looking for ways to make authoritative connections easier to create.  Authoritative connections from publishers, funders, societies, data-centres, aggregators, and others add value to ORCID records and reduce the time researchers spend typing information into forms. The more connections in the Registry, the more the research world benefits.

Authoritative connections have always been made with the researcher’s permission and always will be. However, with over 840 ORCID member organisations operating more than 550 integrations, granting permission may become a burden to researchers in itself.  With that in mind, we are looking into ways to offer users the ability to proactively grant record update permission to organisations of their choice, without having to visit each one individually.

To ensure that this workflow is secure, sensible, user-friendly, and privacy-preserving, we are launching the Permissions Preauthorization Technical Working Group (PPTWG).  This group is tasked with:

  • Helping ORCID assess technical options
  • Specifying a solution for researchers to proactively grant permission

The group will produce a recommendation for handling generation and transmission of the permission tokens used to access a user’s ORCID record.  

The PPTWG will be chaired by Simeon Warner, a member of the ORCID Board and Director of Library Linked Data and Repository Architecture at Cornell University Library. Simeon will be supported by Tom Demeranville, ORCID Technology Advocate.  

Working group membership is voluntary, and is open to individuals with an interest in the topic, who have technical and practical knowledge of APIs, authentication, encrypted token exchange, user-granted permissions, OAuth2, OIDC, and symmetric and asymmetric encryption. Individuals representing third-party systems are encouraged to participate.

We are seeking 6-12 volunteers, and will recognize your participation on the PPTWG web pages on the ORCID website.  We expect members to attend four one-hour web meetings over the course of two months, and to dedicate about four hours to reviewing documents outside of the meetings.

Interested?  Please contact us with a short bio and why you’d like to participate.