How do I set up Authentication for Alma/Primo?

Answer

Alma authentication is dependent upon ids in the user record.

The two authentication options in the user record are:

  • Internal: default login, uses a manually created username and password set up in a user record.
  • External:
    • Connects to your campus authentication system, uses data loaded during your user data load (SIS load).
    • Requires set up in the following locations:
      • Your campus authentication system: need settings that allow access from Alma/Primo
      • Ex Libris: need settings that allow incoming requests from your system
      • Alma: set up in Configuration>General>External Systems>Integration Profiles
    • It can be tricky to get the security certificates and other settings working correctly for external authentication. SLS recommends submitting a high priority ticket with Ex Libris's Salesforce Support Team for help with any authentication issues.

Ex Libris Documentation:


Authentication Methods:

Default Login:

The default Alma login is meant to be used with "internal" user accounts, meaning those that aren't set up to use your campus's authentication system.

Notes:

  • The login URL format for internal accounts is: https://suny-gcc.alma.exlibrisgroup.com/mng/login. Change the three letter code to your campus's code.
  • You may toggle internal staff accounts to change them to external accounts that use your campus authentication system once you have that set up:
    toggle account type
  • It's a good idea to keep at least one internal staff account so that you can toggle your other staff members back to internal accounts if something goes wrong with your campus authentication system

SAML:

Alma supports the SAML 2.0 Web Browser SSO profile. This enables Alma to exchange authentication and authorization information with your institutional Identity Provider (IDP), allowing a single sign-on for the institution’s users.

Notes:

  • For specific information about how to set up SAML for Alma/Primo, see the SAML Authentication Overview in the Ex Libris Developer's Network.
  • The Alma login URL format for SAML is https://suny-gcc.alma.exlibrisgroup.com/SAML. Change the three letter code to your campus's code. If you plan to switch back and forth between SAML login and internal login, you may need to clear your cache or use a different browser for each method, because the SAML login can be "sticky" and override the internal login URL.
  • If you're going to use external authentication to let your users log into Primo in order to manage their loans, request items, etc., it's important to set it up for both Alma and Primo, even if you plan to only use internal accounts for logging into Alma. One reason for this is that articles for Resource Sharing are stored on the Alma platform, and users may need access to that system as well as Primo.

Additional Methods:

CAS, OAuth, and LDAP may also be used for authentication for Alma/Primo. See the Ex Libris Authentication documentation for more information.

  • Last Updated Dec 24, 2024
  • Views 635
  • Answered By Michelle Eichelberger

FAQ Actions

Was this helpful? 0 0