How to choose which user ID attribute to use in login profiles
- Product: Cross Product
- Product Version: N/A
- Relevant for Installation Type: N/A
The user ID attribute is used to identify the user in Alma and to retrieve the user info.
The login process can be divided into 2 steps:
1. Authentication –
- Are you really who you say you are?
· Yes: here is your Identifier
· No: access denied
2. Authorization –
- After login success, what are your user details
- Checking with the calling application
· Alma: based on authorization info, application will grant or deny access
· Primo: if you have an account in Alma, you're in
When choosing the user ID attribute, there are 3 components to take into account:
1. Authentication System: i.e, SAML, LDAP, CAS
2. Alma/Primo
3. Student Information System: which is where the institution’s users are saved, managed and maintained
Alma usually gets its user information from the Student Information System.
After authentication, an identifier is returned from the authentication system, this identifier will be used to retrieve the user information (authorization) from Alma and complete the login.
In order to have a successful authorization (and login), it is necessary that all the 3 components mentioned above will be compatible with the chosen identifier.
- Article last edited: 10-12-2018