FAQ content

Require users to sign into LibApps with your SSO

In this article

Many LibAuth configuration types can be used as an alternative login method for LibApps user accounts. For example, you can allow users to sign into LibApps using either their LibApps username & password or through the SSO (single sign-on) system you connected to LibAuth.

However, you can also configure LibApps to only let users log in via LibAuth. When enabled, users who attempt to log into LibApps will be redirected to the SSO you connected to LibAuth. After authenticating, they will be redirected back to LibApps and logged in.

You may find this convenient, since it's once less login you & your colleagues need to remember. In addition, it allows LibApps users to take advantage of the security and account recovery features provided by your institution's SSO system.

Important considerations

Before enabling this option for LibApps, please note the following:

  • In order for a login to be successful, the email address returned from your SSO must match the user's email address in their LibApps account exactly. This means lower/uppercase characters must also match (i.e. USER@springyu.edu and user@springyu.edu do not match).
  • Your SSO cannot be used to create new user accounts in LibApps. A user must already have an account in at least one of your LibApps systems (e.g. LibGuides, LibAnswers, LibCal, etc.).
  • Because all login are routed through your SSO, Springshare staff will no longer have access to troubleshoot the admin side of your Springshare apps. (Should you need to contact support, please include all information needed to troubleshoot your problem, which could include screenshots or videos, as appropriate.)
  • It is your responsibility to ensure that your LibAuth configuration settings are kept up to date. Please work with your institution's SSO admin to ensure that changes to your SSO do not cause your LibAuth configuration to stop working, as it may prevent users from logging into LibApps.
  • Issues with your SSO system, such as maintenance or unplanned downtime, may temporarily prevent users from logging into LibApps.

Setting up SSO-only login for LibApps

  1. To begin, you will need to set up one of the following types of LibAuth configurations (if you haven't already):
  2. Once you've created your configuration, you must set its Allow logging into LibApps option to Yes.
Please test your configuration before continuing. We strongly recommend that you test your configuration with multiple users to confirm they can log in to LibApps successfully via your SSO. This is especially important if you are using group permission rules to allow only a subset of your institution's users to login into LibApps.
  1. From the LibApps dashboard, navigate to Admin > LibAuth Authentication.

The LibAuth Authentication option under Admin

  1. Under the Require SSO Authentication for LibApps Login section at the bottom of the page, select the configuration you want to use.
  2. Click the Save button.

Selecting a configuration 

Disable SSO-only authentication for LibApps

If you would like to allow users the option of logging in with their LibApps username & password, you can disable SSO-only authentication at any time.

  1. From the LibApps dashboard, navigate to Admin > LibAuth Authentication.
  2. Under the Require SSO Authentication for LibApps Login section at the bottom of the page, select Disabled - Display Default LibApps Login Form.
  3. Click the Save button.

Please note that users will still have the option of using your SSO unless you set your LibAuth configuration's Allow logging into LibApps option to No.

Disabling the Require SSO option