Configuring Other Settings (User Management)
- User Administrator
- General System Administrator
Parameter Key | Description |
---|---|
address_lineX_regex (lines 1-5) | The valid format of lines 1-5 in the user's street address. See Adding User Contact Information. |
add_token_to_prevent_saml_replay_attack | Prevent SAML replay attacks. If set to true, the SAML login flow initiated by Alma or Primo and redirected back through the IdP will be safeguarded against replay attacks. |
allow_exl_to_login_as_staff_users | Adds a a checkbox “Allow Ex Libris Simulated Login” to the user records (see Managing Users). |
block_user_creation_multi_thread | For Esploro customers only - see Additional Settings. |
centralized_user_management_run_task_chain_validation | For Esploro customers only - see Additional Settings. |
check_for_expired_account | Set to true to prevent patron requests or resource sharing requests from expired patrons. In Primo, all request options will not appear. In Alma, the request will be blocked. An override warning appears for resource sharing requests. The parameter is set to false by default, which allows patron requests and resource sharing requests from expired patrons. This parameter does not prevent patrons from making the purchase request, even if the check_for_expired_account is set to true. |
disable_from_address | Set to true to disable the From: address field when you have configured a value for from_address (see below). This prevents users from entering their own email address in place of the one you have set in from_address, when using the Send message > General mail option in a user account. See Editing Users. |
distribute_user_management_changes_last_run | The last successful run date of the Distribute network user management changes to members job. See Centrally Managing Configurations in a Network Zone. |
email_regex | The valid e-mail format. See Adding User Contact Information. |
email_regex_display | The message appearing when entering an email address, if email_regex is defined. |
external_users_with_internal_auth |
For institutions whose Student Information System (SIS) does not offer authentication services, it is now possible to create users as external in Alma, but assign passwords for them directly in Alma. In this case, all the user information, such as name, ID, etc, is managed from the SIS, but the passwords are stored in Alma and managed by the Ex Libris Identity Service.
When this behavior is enabled, changing a user from external to internal (and vice versa) does not reset the user password; the existing password the user used as an external user is retained. See Registering Patrons and Mapping User Accounts to Other Systems. |
from_address | The value used as a default in the From: address for the General mail (User Details > General Information > Send message) you can send while editing a user. See Editing Users. See also disable_from_address, above. |
fulfillment_network_search_by_all | Whether to enable walk-in services in a fulfillment network for patrons that don't happen to have an ID available. The parameter must be enabled at the institution where the patron is already registered.
Valid search criteria include first name, last name, or email address. The search must be an exact match. If the search yields more than one result, an error is returned. |
limit_user_search_by_library_scope |
When set to true, a user account will be retrieved in a search result, only if the user has a patron role in the scope of a library and the searching staff has a role with searching privileges in that same library scope. The Default is false. |
network_users_unique_identifiers |
Whether a fulfillment network uses unique user identifiers:
|
jwt_signature_secret | Used for the social authentication handshake between Primo and Alma (see Using Social Networks for User Authentication for details). Note that the value configured in Primo must match the value defined here. |
Activate MFA (multi factor authentication) for Ex Libris Identity Service. Possible Values:
See Multi Factor Authentication for more details. |
|
network_user_profiles_and_assignment_rules_distribution_members_behavior | Controls what is done with the members' user profiles and assignment rules when the Network Zone's records are distributed. Valid values are: Remove and None. Remove removes all the local records. When set to None (the default), all previously existing records are left exactly as they were before the distribution. |
phone_regex | The valid phone number format. See Adding User Contact Information. |
phone_regex_display | The message displayed when entering a phone number, if phone_regex is defined. |
photo_identifier_type | The type of user identifier from which to take the name of the photo (together with photo_server_url). The options are: USERNAME (the primary identifier) or a user identifier code; see Viewing Additional User Identifier Types . See Managing User Pictures. |
photo_server_url |
The URL directory for user photos to display in the User Details page. See Managing User Pictures.
|
photo_suffix | The file extension (such as .jpg or .gif) for user photos. This value is appended to photo URLs – if this value is not defined, the photo may not appear properly. See Managing User Pictures. |
pin_number_method | To enable the PIN number generation functionality, enter the value fourDigit (the only possible value) here. See the PIN number field in Adding Users. |
postal_code_regex | The valid format for the postal code. See Adding User Contact Information.
By default, the postal code must be between 0 to 16 characters and must include only digits, capital letters, hyphens, and spaces. If you want to include periods as well, add \. following the hyphen, as follows: [A-Z0-9\-\. ]{0,16}
|
postal_code_regex_display | The message displayed when entering a postal code, if postal_code_regex is defined. |
preferred_identifier | Enter an identifier code to be used when displaying only one identifier and when scanning items that are on the hold shelf according to user. The identifier codes are listed in the User Identifier Types page. For more information, see Viewing Additional User Identifier Types . |
primary_identifier_regex | The valid format of the primary identifier. Alphanumeric characters in primary identifiers are supported. |
show_profile_in_user_notes |
When set to true, a note is added to the user account when a role profile is used to attached roles to the account. The default is false. |
staff_login_ip_address_retention |
The retention period for the public IP address of users that logged into Alma. The default period is 90 days, you can state any number, including 0 to prevent retention. For details, see Staff Login Report. Although you can change the report's data retention of 90 days, the maximum amount is 90 days. A lesser amount of days is valid, but not a greater amount. |
url_regex | The valid format of the URL. It must have a leading protocol, a valid domain name (two or three letter TLD and no invalid characters), and a valid file path. |
use_pincode_for_selfcheck_machine | Determines whether the PIN code for self-check machines can be updated by the patron in Primo. This setting is relevant only if Authentication required is set to Yes in the self-check machine integration profile. See Self-Check Machines. |
user_audit_retention_period | Entering a whole number indicates a length of time, in days, that user audit trail records will be retained. The default value of spaces means that all records are retained. See User Audit History. |
user_restrict_manage_roles_by_scope (New for November) | When enabled, this restricts the User Manager from adding, removing, or editing roles for users of libraries to which the User Manager does not have access (see Managing User Roles). By default this is not enabled. |