This shows you the differences between two versions of the page.
public:bc_services_card [2023/03/22 19:22] jeff |
public:bc_services_card [2024/05/09 05:04] |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== BC Services Card Research Project ====== | ||
- | |||
- | {{ : | ||
- | |||
- | ===== Patron information in Evergreen ===== | ||
- | |||
- | Patrons are normally registered via the EG staff client, by staff at the circ desk ([[https:// | ||
- | |||
- | Several other Evergreen consortia (PINES and KCLS) use Quipu' | ||
- | |||
- | Evergreen also has a patron self-registration feature ([[https:// | ||
- | |||
- | There' | ||
- | |||
- | There is a lack of good documentation on how external applications can use EG's existing APIs, in part because those APIs were primarily designed to be used by EG's own component services. It would be worth investing in better documentation (and more user-friendly APIs, especially for creating/ | ||
- | |||
- | ==== Technical details ==== | ||
- | |||
- | Here's an entity relationship diagram for the database tables that store patron information (click to enlarge): | ||
- | |||
- | {{ : | ||
- | |||
- | A few notes: | ||
- | * actor.usr is the primary table for personal information. It is used for both staff and patron accounts. | ||
- | * Each user has a primary card (actor.usr.card) and may also have secondary cards, all of which are in actor.card. | ||
- | * Each user also has a username. Usually this matches the barcode of the patron' | ||
- | * The user may have a mailing address and a billing address, but they' | ||
- | * Email address is not required, nor guaranteed to be valid or well-formed. However, users can reset their password by clicking a link in the public catalogue which sends a reset email to whatever email address is in actor.usr.email. | ||
- | * The ident_value and ident_value2 fields may contain driver' | ||
- | * actor.usr.profile contains the user's profile, a.k.a. permission group or patron type. Patron and staff permissions are generally governed by which permission group they belong to. | ||
- | * actor.usr.home_ou specifies the user's home library. The hierarchy of libraries (branches, systems, federations, | ||
- | * Libraries can track additional information about their patrons using " | ||
- | * When patron self-registration is permitted, the data entered by the patron is initially stored in the staging tables shown on the far right of the diagram. Staff then have the ability to review this pending patron information and approve account creation. | ||
- | |||
- | ===== User stories for BCSC integration ===== | ||
- | |||
- | - As a new patron, I want to register for a library card online so that I can access library resources more easily. | ||
- | - As circulation staff, I want new patrons to pre-register for an account online so that the registration process is more efficient and accessible and patron information is entered quickly and reliably. | ||
- | - As circulation staff, I want to auto-validate current patrons when I renew their accounts so that I don't have to do it manually at the circ desk. | ||
- | - As a library manager, I want patron accounts to be pre-registered/ | ||
- | - As a Co-op service manager, I want patron data to be validated so that I can use it as a basis for other services. | ||
- | - As a malicious user, I want to create fake or unauthorized patron accounts so that I can access library resources illegitimately. | ||
- | |||
- | ---- | ||
- | ===== Coop Answers to Questions from March 16 Kickoff Call doc ===== | ||
- | |||
- | * **Inventory of current technologies being used** | ||
- | * Evergreen uses an open source software stack, primarily Linux + Apache + PostgreSQL + Perl. The public catalogue (OPAC) uses Perl's Template Toolkit engine with some Bootstrap JS. The staff client is an Angular app that makes use of Websockets. [[https:// | ||
- | * **List of current library sites and what is being managed for them** | ||
- | * **Any additional common challenges today not identified above** | ||
- | * **General intro to the library system, what changes and what’s static,** | ||
- | * Not really sure how to answer this, can you be more specific about what you want to know? | ||
- | * **How are people and accounts created today? Go to branch -> some registration and card issuance, create account at home. What identifiers are collected, email, names, ?** | ||
- | * Potential workflows: | ||
- | - A new public library patron wants a library account. They go into their local library, go to the circ desk, and show their ID or proof of residency. Circ staff manually enter their info into the patron registration UI (city and province are auto-populated when they enter the postal code) and give the patron a physical library card with barcode. | ||
- | - A new public library patron wants a library account. They pre-register for an account online. Circ staff review, approve the account, and send a notification to the patron. The patron goes into their local library and picks up their library card at the circ desk. Note that this workflow still involves manual intervention by staff for each new account registration. < | ||
- | - An existing patron' | ||
- | * The above is based on Jeff's educated assumptions about how patron registration works. We should consult with a few of our libraries to verify the above and see if there' | ||
- | * During registration, | ||
- | * PL Adult (default) | ||
- | * PL Juvenile | ||
- | * PL Teen | ||
- | * PL BC OneCard | ||
- | * PL Non Resident - Adult | ||
- | * PL Non Resident - Juvenile | ||
- | * PL Federation | ||
- | * PL Extended Loans | ||
- | * PL No-fines | ||
- | * PL Print Disabled | ||
- | * PL Home Services | ||
- | * PL Restricted Access | ||
- | * PL Custom | ||
- | * PL Temporary | ||
- | * PL New User | ||
- | * Identifiers collected (plus % of current BC public library patrons who have this info in their patron record): | ||
- | * legal name: 100% | ||
- | * preferred name: 2% | ||
- | * address: 99% | ||
- | * phone numbers: 100% | ||
- | * email: 90% | ||
- | * date of birth: 49% | ||
- | * ID number: | ||
- | * driver' | ||
- | * BC ID/BC Services Card: 1% | ||
- | * Status Card: <1% | ||
- | * Other (unknown type): 5% | ||
- | * Examples of other data gathered during patron registration for reporting purposes (a.k.a. statistical categories): | ||
- | * geographic area, residency, electoral district | ||
- | * gender (mostly unused now) | ||
- | * school, grade | ||
- | * age group | ||
- | * **When we say “record” what do we mean?** | ||
- | * A " | ||
- | * **How strict are validation rules? How strict would they be with bcsc?** | ||
- | * We don't do any automated validation of personal info. Personal information is entered manually by staff (except city/ | ||
- | * **Is there business value for existing patrons to “link” their BCSC proactively? | ||
- | * **Privacy/ | ||
- | * **IDENTOS can help identify how this aligns to BCSC onboarding requirements** | ||
- | * **Conversation with non-SITKA libraries that would benefit from having access to brokering of BCSC? What are their requirements that differ from Co-Op?** | ||
- | * **Is there a desire to have additional / complementary digital library access vs overdrive? | ||
- | * Coop Response: Not sure I fully understand; the Coop (and non-Sitka member libraries) provide a TON of access to digitally licensed products right now. Those 3rd party licensed content providers typically authenticate against accounts from the library ILS through a couple of different methods. The Co-op offers SIP2 interfaces (which were historically developed for in-branch authentication only but have for 20 years been mis-used for cross-internet authentication) as well as an emulation of the " | ||
- | * **Any other tables and key data elements that would be helpful (other than those already provided on the wiki) ?** | ||
- | |||
- | ==== Further questions from Co-op staff ==== | ||
- | |||
- | * There may be information that needs to be captured during registration that can't be validated by the service or provided by the patron (e.g. patron type, stat cats). How to handle that? | ||
- | * Evergreen workflows require staff to manually approve pre-registered accounts and provide a physical card. Is there a desire to enable account creation without these steps? | ||
- | * Should we be worried about fraudulent account creation? For example, theoretically someone could register an account with stolen info and steal a bunch of books, and the victim could be on the hook for replacement costs. This becomes a bigger risk if we become the ID provider for other services. | ||
- | * Are there other privacy/ | ||
- | |||
- | ===== Docs from Other ILS ===== | ||
- | While our initial focus is on validating potential Sitka patrons via the BC Services Card, actually making this work will require standing up some sort of SAML server on our end and liasing with the BC Services Card to integrate. There are approx 20 other BC libraries using ±4 other ILS who, if they also wanted to offer validation via the Services Card, would need to standup similar SAML servers. So a secondary goal of this project is to see if we can architect our solution in such a way as it is the sector-wide integration against the Services Card, with us doing integration with the libraries. To that end, I asked other libraries (via the BC Libraries and IT list) to share any API docs they might have that can inform the consultants in architecting a solution. Below is what resulted: | ||
- | |||
- | |||
- | ^ Non-Evergreen ILS in BC ^ Library Name ^ Expressed Interest ^ | ||
- | |{{ : | ||
- | | |Okanagan Regional Library| | | ||
- | |[[https:// | ||
- | | |Richmond Public Library | x| | ||
- | | |Thompson-Nicola Regional District Library| | | ||
- | | |Vancouver Island Regional Public Library | | | ||
- | | |West Vancouver Memorial Library| | | ||
- | |SirsiDynix Horizon |Burnaby Public Library |x | | ||
- | | |Cranbrook Public Library | | | ||
- | | |New Westminster Public Library| | | ||
- | | |North Vancouver District Library | | | ||
- | | |Penticton Public Library| | | ||
- | | |Port Moody Public Library | | | ||
- | | |Surrey Public Library |x | | ||
- | | |Vancouver Public Library | x| | ||
- | |SirsiDynix Symphony|Greater Victoria Public Library |x | | ||
- | | |North Vancouver City Library | | | ||
- | | |Powell River Public Library | | | ||
- | | |Prince George Public Library | | | ||