link_orcid
No security coverage
Link an ORCID
Confidently save a user's ORCID iD to a configured field, authenticated by the ORCID API.
Features
- Choose a plain text field on the User entity to store an authenticated ORCID iD.
- Use the Key module to store the ORCID client secret securely.
- Users can link/unlink their own ORCID from their profile using a secure OAuth flow.
- The configured ORCID field is disabled and can only be set via the "Link ORCID" button.
Preparation
- In the ORCID Developer Portal, create a new application to obtain your Client ID and Client Secret.
-
Set the Redirect URI to:
https://your.site.com/link-orcid/callback - Install and enable the Key module to securely store your ORCID Client Secret.
Post-Installation
- Create a plain text field on the User entity to hold the ORCID iD.
-
Configure at:
/admin/config/people/link-orcid(Configuration > People > Link an ORCID settings)- Enter your ORCID API Client ID.
- Select the Key that stores your ORCID Client Secret.
- Choose the user field to store the ORCID iD.
- Toggle Sandbox for testing.
- Grant the "link own orcid" permission to appropriate roles. The configuration form includes a message and link to help you do this for the Authenticated user role.
Usage
- On your own user edit form, click the "Link ORCID" button next to the configured field. The field is disabled for manual editing and will be set automatically after linking.
- After authorization, you'll be redirected back to your profile edit page with a success or error message.
Security
- The ORCID client secret is stored in the Key module; this module never stores the raw secret in configuration.