Accepting Digital Deposits via Email
Alma’s support for the SWORD digital deposit protocol makes it easy to build custom deposit tools for our users. However, no matter straight forward we make our deposit tool, we can’t beat the ease of email. To allow users to send files to our repository via email would be the ultimate in usability.
We’ve previously been introduced to Alma’s SWORD support and have used it to create a custom deposit tool. In this article, we’ll leverage the public cloud and SWORD to implement an email deposit flow.
AWS Email Gateway
In the past, the ability to receive email was limited to those with IT infrastructure and experience with SMTP servers. Now, we can take advantage of public cloud services such as Amazon’s AWS SES, or Simple Email Service. To set up SES, we need to first authorize our domain. This is done by adding a custom DNS entry. We can use a top level domain, or a sub-domain such as deposit.my-institution.com.
We can then set up a rule to handle incoming emails. SES can perform several actions in response to receiving emails. In our case, we want to save the email message to S3, and then fire a Lambda function to handle it. We first specify the intended recipient for the rule. Here we can choose a particular email address, or all addresses in a sub-domain. Then we configure the S3 bucket and the name of the Lambda function.
The process begins when a user sends an email to the deposit email address.
When the deposit email arrives at the configured email address(es), our Lambda function is fired along with an object which contains the email ID. Based on the message ID we know where the email message file is stored.
Authentication and Verification
Our first task is to identify the user who sent the email. We can access the email address of the sender and then use the Retrieve Users API to search for a user in Alma with that email address.
We also need to decide if we want to verify incoming email. There are security and privacy implications so each institution must consider their policy. One option, demonstrated in this code example, is to verify a user the first time a deposit is received. This is accomplished by sending a verification email and awaiting a response before the deposit is processed. In this way we confirm that the user is interested in depositing material and that their email address is not being spoofed.
Creating the Deposit
To create the deposit, we parse the email message, extract the attachment(s), subject and body. We use this information to create a small DC record, mapping the email subject to title and the email body to dcterms:abstract. We use the user’s full name as the creator.
We then create a SWORD deposit request with the attached files and metadata, and send the request to the Alma SWORD endpoint. The SWORD server creates the deposit and the accompanying digital inventory in Alma.
If the request is successfully submitted, we send an email to the user informing them that the deposit was submitted, along with a link to view the deposited file(s).
If you’re interested in enabling deposits via email in your institution, you can use the sample implementation of the flow in this Github repository. The readme includes instructions for how to configure the Lambda function.