Skip to main content
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    Alma as the Patron Directory for Authentication

    If you are working with Primo VE, see Primo VE for more details.
    This is not the preferred way to set up Primo's PDS, because it is preferable to manage passwords in an external system (such as LDAP and SHIB). It is possible to store passwords in Alma, but only for users who are defined as internal users in Alma, as demonstrated in the following figure. The option to manage passwords within Alma will be made obsolete. Guest users’ passwords will have to be managed using OAuth based accounts, such as Google or Facebook. For more information, see Social and Email Login.
    This is mainly done for patrons who are guests in the library and are not part of the institution's directory. In such cases, it is preferable to configure the Primo PDS to first try the institution LDAP, and if this authentication fails, use Alma as a user directory.

    PDS Configurations

    This section describes the configurations that may be necessary in order for Alma to interact with Primo’s PDS.

    Applying the Version Fix to PDS

    If Primo’s PDS version is less than 2.1.1, you must apply the following fix in the PDS code.
    To apply the fix:
    1. Enter the following commands to edit the file:
      cd program
    2. Delete the following line from the file:
      'Accept-Encoding' => 'gzip, deflate',
    3. Save the changes to the file.
    4. Enter the following commands to restart the Apache server:
      ./apachectl stop

    Configuring the Calling Institution

    If the PDS configuration uses Alma as the patron directory for authentication and authorization, you must create a tab_service file for your institution by either creating the file manually on the server or using the PDS Wizard in the Primo Back Office.
    The tab_service.<institute> file defines the services that are required from the PDS for an institution. There is one file for each institution.
    The PDS is configured on the Primo side.
    To create the tab_service file manually:
    1. Enter the following commands, to create tab_service.<institute> file:
      vi tab_service.<institute>
    2. Enter the AUTHETICATE, BOR_INFO, and INSTITUTE_DISPLAY sections for your institution. For example:
      program =
      params = <Alma domain>,80,BOR_AUTH,N

      program =
      params = <Alma domain>,80,BOR_INFO,N

      code = university
      desc = university institution
      lang = ENG
      primo = UL
      Currently, the system authentication method's name is Rosetta. However, it is used for Alma as well.
    3. Save your changes to the file.
    To create the tab_service file with the PDS Wizard:
    1. On the Primo Home > Ongoing Configuration Wizards > PDS Configuration Wizard page, select your institution.
    2. Use your login information to enter the wizard.
    3. Continue with the wizard and define the authentication method. Currently, the wizard uses Rosetta as the application method for Alma.
      Define the AUTHENTICATE Section
    4. Continue with the wizard and define the bor-info attributes. Currently, the wizard uses Rosetta as the application method for Alma.
      Define the BOR-INFO Section
    To test the PDS configuration:
    1. Open the Primo Front End in a browser, but do not sign in.
    2. Select My Account and then select the Personal Settings tab.
      No personal settings should display.
    3. Select Sign in and enter your login information.
    4. Select My Account and then select the Personal Settings tab.
      You should see user details. If you do not, verify that the PDS bor-info is working by entering the following URL in your browser: