Authentication Guide

Institutional Subscriptions to the Visual Thesaurus have multiple ways of providing licensed users convenient access to the product. Most of our customers provide access to their users from both inside and outside their network, so a student can access the Visual Thesaurus both at school and at home.

This document briefly describes the different methods of authentication that we offer, and their requirements:

  1. IP Authentication (Useful for Access Inside your Network Only):

    IP Authentication provides access to the Visual Thesaurus based on a range of IP addresses that identifies your institution's computers from the outside world.

    Requirements:

    1. You must have a range of IP addresses that only represent computers within your Institution. Only licensed users should have access to these computers.
    2. You cannot have Dynamic IP addresses (such as those provided by an Internet Service Provider).
    3. The number of IP addresses must be roughly commensurate with the size of your population.
  2. Referrer Key Authentication: (Useful for Access both Inside and Outside Your Network)

    With this authentication method, users access the Visual Thesaurus by simply clicking a link placed on any webpage within an Institution's website. We offer two types of Referrer Key Authentication: Server-based and Client-based.

    Requirements:

    1. In both cases, the referrer key webpage can only be linked from the Institution's website.
    2. In both cases, only licensed users should have access to the referrer key webpage. In addition, the referrer key webpage can not be publicly accessible via the Internet without some other secure form of authentication currently employed by the Institution.
    3. Server-based Requirement: The server-side webpage can be provided in PHP, JSP, ColdFusion, Perl CGI, or ASP form.
    4. Client-based Requirement: The URL of the page containing the link must be provided to us beforehand and match exactly the referrer header sent by your licensed users' browser.
  3. Individual Login Authentication: (Useful for Access both Inside and Outside Your Network)

    With this authentication method, individual users from your institution can access the Visual Thesaurus using their own username and password. So long as the end-user has a valid login, they can access the Visual Thesaurus and take advantage of all its functionality.

    Requirements - Creating Individual Logins:

    1. Logins can be created by a licensed user when the user accesses the Visual Thesaurus using one of the methods of authentication above.
    2. Administrators can invite licensed users via email to create a login.
    3. Administrators can provide licensed users with a registration code that allows them to create a login when they are not within the institution's network.

    Individual Login Properties:

    1. Individual Logins expire one year after the last time a user logs in using one of the authentication methods above.
    2. Individual Logins are only accepted at your institution's access URL (yourinstitution.visualthesaurus.com)

Compliance Testing:

From time to time, we automatically audit our Institutional Subscriptions to ensure compliance with the above requirements. If we determine that unlicensed users can gain access to the Visual Thesaurus using one of the above authentication methods, we will notify you, and in certain cases, we may temporarily turn off one or more of your authentication methods until the problem is corrected.

If you have any questions about our authentication policy, please visit our support section and use the support form to let us know.