Sharing Patron Record Data with Third-party Systems
The Patron API (URL) product enables third-party vendors to access patron record data in your Innovative database. For example, a public computer management system or ebook lender might use Patron API to obtain the data it needs to authenticate users. Third-party systems that access Patron API are only able to read patron data; this product cannot be used to update the source patron data in the Innovative database. The patron data is delivered to the third-party system in HTML format.
Patron API Versus Patron Update Web Service
This page describes the Patron API (URL) product, which provides read-only patron data in HTML format. The Patron Update Web Service product offers the ability to read, update, and delete patron records using XML. For more information, see Patron Web Services.
For more information, see the following:
Setting Up Patron API
To set up Patron API:
- Contact Innovative to acquire and install the product. If you want to enable any optional functionality, inform Innovative at this time. Innovative staff install and configure Patron API as requested.
- To protect patron confidentiality, limit access to the Patron API service by editing the HTPATAPI entry (or, if your library uses Patron API SSL, the HTPATAPISSL entry) in the Limit Network Access table. When assigning a login for the service, you can either use an existing login or create a new one specifically for use by Patron API. (Note that login use by Patron API does not affect user license statistics.)
- Ensure that the port(s) used by Patron API are open in your library's firewall. Standard Patron API uses port 4500. If your library uses Patron API SSL, you must open port 54620.
- Provide any requested information to the third-party vendor, such as your library's Sierra release, the port(s) used by Patron API, and whether or not your library uses PINs to verify patrons.
When you have finished setting up Patron API, you can test it by sending a properly formatted patron information request via a Web browser. For information about request format, see Patron API Requests, Responses, and Error Messages.
How Patron API Works
Patron API works as follows:
- When prompted, a patron provides their authentication information, such as their barcode and PIN, to the third-party application that interacts with Patron API.
- The third-party application sends a request for patron data or verification to Patron API using the protocol and port you specified during setup.
- Patron API determines whether the patron's authentication information is complete and valid. If so, it sends the corresponding patron's record data to the third-party application. If not, Patron API returns an error message.
- The third-party application uses Patron API's response to perform its designed function (for example, to authenticate the user) or to show an error.
For more information about the format of messages received and sent by Patron API, see Patron API Requests, Responses, and Error Messages.
Patron API Statistics Not Tracked
The system does not store usage statistics for Patron API. Contact the third-party application vendor for statistical information.
Optional Functionality
Patron API offers the following optional functions and features:
Using SSL with Patron API
If your library has the Patron API SSL feature enabled, you can use Patron API over a secure network. When using Patron API SSL, the external user's session expires only when the Web browser is closed. To enable the Patron API SSL feature, contact Innovative.
Suppressing Variable-length Fields
When a third-party program requests patron data, Patron API returns all fields in the patron record by default. If you want to exclude certain variable-length fields from Patron API's response, contact Innovative and specify which fields to suppress.
Updating the CIRCACTIVE Fixed-length Field
Patron API updates the patron record's CIRCACTIVE field when a third-party application accesses the patron record. This can help you keep track of patrons who do not regularly perform circulation transactions but nevertheless use your library's electronic resources or services. If you do not want Patron API to update the patron's CIRCACTIVE field, contact Innovative.