Please contact Co-op Support before you purchase a license for 3rd party content or any other hardware or software (e.g. self-check machine, book locker) that requires integration with Sitka’s Evergreen or authentication against patron accounts.
To request a 3rd party service be considered for integration with Sitka’s Evergreen please complete our 3rd Party Service Integration With Sitka’s Evergreen survey. A PDF version of the survey is available for reference.
|
Caution
|
It takes significant Co-op staff time to perform the required work and due diligence to ensure these services meet privacy and security legislation requirements for our members and their users. Please anticipate a 3 to 6 month turnaround for Co-op staff to complete the assessment of the service. Implementation times for services that meet the requirements will depend on Co-op staff availaibilty, support from the vendor, and the library’s IT support expertise and availability. |
Co-op Support frequently receives requests from libraries to integrate 3rd party services with Sitka’s Evergreen. 3rd party services are any software or hardware that isn’t part of the Evergreen integrated library system. 3rd party services include products such as self check machines, electronic resources, public workstation authentication, equipment lockers, etc.
3rd party services will either just authenticate patron accounts (such as Overdrive and Linked In Learning) or will authenticate patron accounts and do more like perform circulation (such as self check outs).
Vendors of 3rd party services may give the impression that integrating their services with your library’s ILS (Sitka’s Evergreen or otherwise) should be ‘’easy’’ or straightforward. This is most often NOT the case, particularly if this is a new product/service. Service integration has become increasingly challenging as we strive to meet stricter privacy and security legislation requirements. We would like to work with you to ensure successful integration of 3rd party products wherever possible, and to do our best to identify those regrettable cases where integration with Evergreen is not possible.
Most of these 3rd party services use one of two ways for their service to ‘’talk’’ with Sitka’s Evergreen, either using a protocol called SIP2 (Standard Interchange Protocol), or through an API (Application Programming Interface). In either case, Co-op staff need to ensure that the method of integration is secure and private.
We’ve provided more background below about why 3rd party integration often requires time on our part and why in some cases, it may not be possible or feasible.
-
The SIP2 protocol, is old and insecure. Patron details and borrowing information is sent in plain text between Evergreen and the vendor. Sitka staff have done significant work recently with some existing services to mitigate the limitations of SIP2 and better protect user privacy.
-
We are phasing out the use of SIP2 for authentication, and are working to secure SIP2 where it is truly unavoidable. Any new services using SIP2 must use encrypted SIP2 which will require additional time and work, including back and forth with technical staff on the vendor side, back and forth with technical staff at the library, and testing to work around these issues.
-
APIs require the vendor to provide us with technical details so we can attempt to integrate the service with Sitka’s Evergreen. This requires time for staff to do analysis, write code, work with technical staff on the vendor side and test to ensure the API works.
-
There will be cases where neither encrypted SIP2 or API is an option and we may not be able to integrate the 3rd party application with Sitka’s Evergreen.