Does anybody here have experience implementing ORCID authentication, and if so, then what are some of the gotchas I ought be aware of?
I am thinking about creating a public service. While people will be able to use much of the service sans authentication, the system's complete set of features will only be accessible after authentication. I don't need nor want to store usernames or passwords. Yuck and scary. Moreover, people don't need YAUAPC (Yet Another Username And Password Combination). I think ORCID may be a good way for me to enable people to authenticate. Provide people with a link, they authenticate via ORCID, I get a unique identifier for the person, and I know they are not some sort of robot. Moreover, based on the content of the resulting ORCID ID, I might be able to provide enhanced services of some kind. Have y'll done something like this? If so, then what was your experience? -- Eric Lease Morgan University of Notre Dame
