Skip to main content
  • Subscribe by RSS
  • Ex Libris Knowledge Center

    Social and Email Login


    Return to menu

    To configure social login profiles, you must have the following role:
    • General System Administrator
    Facebook, Google, or Twitter may be used to log in to Alma and Primo (when working with Alma) accounts. The setup below is required to enable users to use their existing credentials from a social network providers like Facebook, Twitter, or Google to sign in to Alma and Primo, instead of using separate Alma/Primo credentials. 
    Another social login option is by email. Whenever a user wants to log in to Alma/Primo, a one-time password is sent to their email account, using which they can log in. This option is available only for users whose active email account is registered on their Alma user record. For more information on email login, see Primo Login Using Email.
    social login options.png
    Social/email login to Alma
    Ex Libris recommends that you use the same social authentication profile on both the sandbox and the production server. In this case, no additional configuration of social login is required on the sandbox after a refresh. For more information, see Recommended Configuration to Account for Sandbox Refresh.
    The overview of the setup process is as follows:
    Alma and Prima Social login - diagram.png
    Related Information:

    Creating an App for Social Network Provider

    To allow social login, you must first obtain a Google/Facebook/Twitter account for the library, and configure an OAuth app for these accounts. Once you configure an OAuth app, you will receive an app ID and Secret, which you will need to save to later provide in Alma. 

    For detailed steps on configuring OAuth apps for Google/Facebook/Twitter, see the below links:

    Provider Link

    For a detailed overview of social logins, see the Developer Network.

    Defining an Integration Profile of Type 'Social/Email Login'

    To configure a social login integration profile:
    1. On the Integration Profile List page (Configuration Menu > General > External Systems > Integration Profiles) select Add Integration Profile.
    2. Enter the external system information:
      1. Enter (Profile) Code and Name.
      2. Select Social/Email Login as the integration type.
      3. Select the connecting system. You can define more than one social login type. Available options are:
        • Facebook
        • Google
        • Twitter
        • Email
      4. Select Next. The Social/Email Login configuration dialog box appears:
        Integration Profile Social Login.png
        Social/Email Login Integration Profile
    3. The Login section defines the required attributes for the OAuth protocol to establish authentication with the external application.
      • Activate the integration profile.
      • Enter the App ID and App Secret. These are provided by the social network. These fields do not appear for Email login. 
        Note: App ID and App Secret are not required when setting up email login. It is also not possible to set up self registration with email login.
      • Select the Allow Login to Alma checkbox to allow staff to log in to Alma using social/email login. Clear the checkbox to disable the ability for staff members to use the social/email login option, in which case they can only use the standard Alma login process. If cleared, only social login in to Primo is enabled. 
    4. When self-registration is set to Active, Alma creates a user for any unregistered user logging into Primo with social authentication. Select a user group to be assigned to the newly created users. Resource sharing library and statistical category may also be assigned to the user if selected in the self-registration setup.
      Self-registration is relevant only for patrons.
      When setting up social login, this section can be ignored. 
    5. Select Save.
    6. Each user must have their social login identifier added to their user account. See Managing User Identifiers (Tab).

    Creating a Set of Social/Email Login Invitation Recipients

    Depending on the policy in your institution, you can enable social login to all Alma/Primo users or only to a subset of these. To do this, create an itemized user set (see Managing Search Queries and Sets).

    Sending a Social/Email Login Invitation to Users

    To send social login invitations in bulk to all users included in the user set, use the "Update/Notify Users" job (Admin > Run a job). In the job's "Send notification to user" parameter, make sure to select the 'Social Login Invitation' option. For further details on the job, see Update/Notify Users job

    The letter that is sent is the Social Login Invite Letter. For example:
    example of social login email to user.png

    After attaching a user account to a social logic provider, an additional Social Login Account Attached Letter is sent. For library staff, the email includes a link which can be used to quickly log in to Alma. The invitation has an expiry period of a few days. If the user missed the expiration period, the invitation to an individual user can be sent from the Manage Users page. 

    If the System Type 'Email' has been selected, then users can also sign in to Primo using email. The email letter for this is Login Using One Time Token Letter.

    If the institution decides to enable social login invitation to all its patrons, the below actions have to be done to make sure that all patrons received the invitation:

    • Create a set of all current patrons and send them the invitation. 
    • At the beginning of each term, create a set of all new patrons, and send them the invitation. 
    • Once the patron's Alma account is expired, social login stops working for that patron. 
    • Was this article helpful?