Authentication methods and patron data load
The process for adding new patron data can depend on your library's authentication method. Find your authentication method below to learn more about authentication requirements and patron load process.
Note: If your library uses Tipasa there are additional considerations noted in the table below.
Authentication method | Authentication requirements | Is a patron load required? | How will I add new patrons? |
---|---|---|---|
LDAP |
|
In most cases, yes. Both an initial load and ongoing loads are required. Tipasa only: Provision on demand (where accounts are created as users log in using information returned by your LDAP server) is available. With this option no load is required. |
Without provision on demand - Patron load only OR Tipasa only: With provision on demand - accounts get created as users log in with their LDAP credentials. This method creates patron accounts which only contain name, email, and LDAP identifier (usually samAccountName). It is possible to include address and phone. |
CAS |
|
Yes | Patron load only |
SAML (includes Shibboleth, AD FS, Azure, Google SAML, Okta, etc.) |
|
In most cases, yes. Both an initial load and ongoing loads are required Tipasa only: Provision on demand (where accounts are created as users log in using attributes returned by your IdP) is available. With this option no load is required. |
Without provision on demand - Patron load only OR Tipasa only: With provision on demand - as patrons log in to your SAML IdP (if sufficient attributes are being released - at least name fields and email addresses). This method creates patron accounts which ONLY contain name, email and NameID from your IdP. |
Basic WorldShare authentication |
|
Initial load is required. Ongoing loads are strongly encouraged to add and update users. Tipasa only: Initial load is recommended, but you can also allow patrons to self-register for accounts in Tipasa. Self-registered accounts will only include name, email, and an additional identifying piece of information you define (which will be used as the username). |
Patron load OR Library staff can add users via the Staff Admin interface. OR Tipasa only: Users can self-register for their own accounts, which are instantly active. |
Tipasa only: ILS-based authentication methods (only SIP or III Patron API using EZproxy in the middle to act as a translator). |
|
No. You can do an initial load, but it is not required. In most cases, libraries that select this method do not do a patron load. |
Patron load OR Provision on demand (using their existing ILS-based credentials). Provision on demand creates accounts with just name, email, and a username (which could be a barcode). |