Ready to Learn?Ex Libris products all provide open APIs

Authentication in Alma

Authentication for a cloud-based SaaS application can be accomplished using one of two ways: entering a user ID and password in the user’s browser or using identity federation. The former method is pretty well known (and increasingly reviled). The latter method is well established and has superior security. In line with Alma's support for industry standard security measures, and in order to fulfill the requirements of Alma's various security certifications, Alma integrates with several federated authentication options. For more information about federated authentication see Background and introduction to federated authentication.
 
 
In cases where the institution has an Institutional/Enterprise Identity Provider, users can login using LDAP or single sign on protocols (SAMLCAS). Institutions that do not have an institutional IDP might use the Ex Libris Identity Service.
In any case, an institution may allow users to login using Social Networks such as Google or Facebook, or using an Email-based login.
 
 
Following is a summary of the authentication methods that are supported for internal and external users:
 
Authentication methodInternal usersExternal users
LDAP, SAML, CAS 
Ex Libris Identity Service 
Social login
Email-based login
 
 
The following pages describe the various authentication methods: