"PatronAPI" authentication

Evergreen now supports the III "PatronAPI" scheme for authenticating patrons and supplying some information about them.

To enable this, you will need to:

  1. Add a new User Activity Type to Evergreen for PatronAPI authentications.

  2. Add a new Remote Authentication Profile to Evergreen. You will probably want to use PatronAPI as the name.

  3. Edit the <Location /api/patronapi> stanza in Evergreen’s eg_vhost configuration file. In particular, you will need to allow access to it from the server(s) wanting to make PatronAPI requests, determine whether to enable the PatronAPI "dump" feature, and specify whether users can be identified by username or barcode.

  4. Restart Apache.

  5. Update the PatronAPI client to use https://your.evergreen.server/api/patronapi as its base URL.

Example PatronAPI URLs look something like this:

PatronAPI URLs
# test a patron's PIN:
https://evergreen.example.org/api/patronapi/USERNAME/PASSWORD/pintest

# dump some information about the patron. Note that this
# does _not_ require the the patron's password be supplied.
https://evergreen.example.org/api/patronapi/USERNAME/dump

The responses for the pintest and dump actions are specified by Template Toolkit templates under (e.g.) /openils/var/templates/remoteauth.