Skip to Main Content

OPAL Alma/Primo LMS

Resources and information related to Alma/Primo

Authentication

Ex Libris (Clarivate) Trust Center - https://clarivate.com/trust-center/

  • The Trust Center gives more information about the standards that Ex Libris & Clarivate are maintaining. 
  • An updated HECVAT (Clarivate & Ex Libris Certifications) is available on the Ostaff Systems page. This HECVAT is for the “Library Open Platform;" it covers Alma, Esploro, Leganto, Primo, Rapido, Rialto, and Specto. 

Ex Libris Developer Network - https://developers.exlibrisgroup.com/alma/integrations/

  • This page includes more information on all of the integrations that are possible with Alma/Primo. The two integrations that we are focusing on (patron load/SIS and authentication) first can be found under the "Users in Alma" menu item at the bottom left of the page. 

When Alma SSO Certificates Expire

  • SSO certificates generally occur every two years. Your IT will receive a message from the identity provider, such as Microsoft Entra ID, that the certificate will expire. When that happens contact us and we will work with your IT to update the information in Alma/Primo.

Patron Loads 

SIS load stands for Student Information System and is Ex Libris’ term for what we call patron loads (a data file from your campus systems that we at OhioNet load to create or update your patron records). These are referred to as “External Records” in the Alma user management documentation. Using SIS load is entirely optional. You will want to review the documentation and consult with your IT department and other stakeholders to determine if it makes sense for your situation. Going forward you can:

  • Continue your current process and schedule. OhioNet will make the required setup/configurations within the Alma system, convert your patron data file into the XML format required by the Alma system, and manage your data.
     
  • If you do not currently submit patron data but would like to use SIS load with Alma, you can also work with us directly to establish a process to extract delimited text files from your campus system and make them available by SFTP.
     
  • The other option is to manually create and delete user records in Alma (what they refer to as “Internal” patron records). If you only need to manage a small number of patron records or already use this approach, it continues to be available (limit of 5,000 patron records before there is an additional cost). Internal users are then authenticated against the Ex Libris Identity Service through an Alma user Identifier (Primary or additional ID) and a password. You can also load most of your patrons through the SIS load but manually create and manage community or guest patron accounts.
     

Authenticating Users/Patrons to the System

  • Authentication is how users sign into Alma, Primo, Library Mobile, etc. to access their library account, place requests for library material, or access electronic resources. Alma integrates with several federated authentication options, including LDAP and single sign on protocols (SSO) such as SAML, CAS, and OpenID Connect. IT departments will be able to configure authentication of patrons in Alma and Primo according to your campus authentication process.
     
  • Patron records maintained manually are authenticated against identifiers in the Ex Libris Identity Service and a password.
     
  • The proxy server and its authentication are separate even though it will be impacted by the Alma migration and the IT integrations. Off-campus access to resources will continue to be authenticated using the proxy. If your campus user/patron authentication process changes let us know so that we can review your proxy configuration and make any necessary adjustments. For example, if you’re configuring Alma to do SSO authentication, then we’d want to do this for the proxy server as well.
     
  • We generally recommend switching your proxy to SSO when possible. It is a relatively simple change for us and your IT team.