When using Alma to perform user authentication, typically user information is also requested from Alma.
The following steps describe the interaction between the user, Primo, and Alma to provide authentication and authorization:
- The user invokes the sign-in option in Primo.
- Primo displays the Primo login page.
- The user enters his or her credentials.
- Primo sends the user’s credentials in a secured authentication request to Alma.
- Alma sends a response to Primo indicating whether the user has been authenticated.If the user has been authenticated, the response will also include user information. Otherwise, an error will display on the Primo login page.
- If the user has been authenticated, Primo will log the user in.
Authentication using Alma does not require much configuration because the relevant information is defined for the Primo institution and displays automatically for you in the login profile.
To configure Primo to use Alma authentication:
- Open the User Authentication Wizard page (Primo Home > Ongoing Configuration Wizards > User Authentication Wizard).
- Select your institution from the Owner drop-down list.The source of your Primo institution must be Alma in order use Alma user authentication.
- From the list of profiles, click Edit next to the Alma profile that you want to configure.The Login Profile page opens.Alma Login Profile Page
- Use the following table to configure the Alma authentication fields:
Alma Configuration Fields Parameter DescriptionAlma Authentication Request Fields:ALMA_LOGIN_URL(Required) The IDP login URL. This is the URL Primo uses when it sends the authentication request (bor_auth). This field is automatically populated for you based on the Alma base URL settings in the Institution Wizard.ALMA_INSTITUTION(Required) The IDP entity ID. This field is automatically populated for you.Select User Information MethodFor Alma authentication, ALMA is selected automatically for you.USER_INFO_URL(Required) The IDP login URL. This is the URL Primo uses when it sends the information request (bor_info). This field is automatically populated for you based on the Alma base URL settings in the Institution Wizard.
- Click Save.
- From the list of profiles, click Edit next to your Alma profile.The Login Profile page opens with the attribute mapping option.Alma Login Profile Page - Alma Attribute MappingThe Attributes Mapping button displays only when the user information method has been selected and saved.
- Map the user attributes associated with Alma authentication. For more information, see Attribute Mapping.