How does Elsevier use SAML attributes in federated access?
Last updated on May 27, 2025
For IdP configuration instructions please visit How do I set up federated access as a librarian or administrator?
Elsevier SP attribute requirements are published here.
Access
Most of our products can be accessed via your IdP anonymously and don't require any personal attributes. As long as the user is authenticated via IdP, we'll let them in.
We require the use of:
- eduPersonEntitlement
which helps the IdP to control which user groups can get access to Elsevier.
It is also possible for IdPs to restrict access with some affiliation attributes, such as:
- eduPersonScopedAffiliation
- scope (only valid for OpenAthens customers)
Personalization
When a user accesses Elsevier via an IdP and creates account with us, we link a pseudonymous attribute from SAML assertion to their Elsevier user account, so that the user is recognized when they return. For this purpose we use one of the following attributes, in order of preference:
- SAML pairwiseID
- SAML subjectID
- eduPersonTargetedID - deprecated
- Persistent NameID - deprecated
Please note: Personalization at Elsevier is optional but the release of a pseudonymous attribute is required.
We also use the pseudonymous attribute to block an individual user if we detect abuse.
If the IdP releases:
- mail
then the email field will be populated with that value during the account creation. The user is able to change that email address.
The user is not able to change a pseudonymous attribute, although they can request for their user account to be deleted from our database.
Did we answer your question?
Related answers
Recently viewed answers
Functionality disabled due to your cookie preferences