Restrict access to your site, a group, or a guide with LibAuth authentication

LibAuth authentication rules (CMS only) allow you to restrict access to your LibGuides site, specific groups, individual guides, and/or e-reserves to authenticated users. When adding a rule, you can specify which LibAuth configuration to use when accessing your site, group, guide, or e-reserves. For CAS and SAML/Shibboleth/ADFS users, you can even create access rules for specific group permissions, as well. 

If a user attempts to view the content restricted by your access rule and they are unable to authenticate, then they will see an "Access Restricted" error page. Otherwise, they'll be able to view your content as normal.

Using LibAuth authentication rules can be helpful if you want to restrict access to content to only valid users of your institution, such as current students, faculty, and staff. This is also a great way to both restrict access to your content, while also allowing valid off-campus users to easily authenticate to view it.

  • Published guides covered by access rules will still appear in guide lists and search results. This means users can still see the relevant snippets of content in your LibGuides search results. However, they will not actually be able to view the full content if they are not covered by your access rule.
  • If you'd like to restrict access to certain content and prevent it from being included in public guide lists and search results, consider assigning your guides to an internal group, instead. Although an internal group cannot be restricted by LibAuth authentication rules, they are restricted to only signed-in users who have been given access to that group.
 Before you begin: your LibApps admin must first set up one or more LibAuth configurations for your system.

To manage access rules for site, groups, and/or guides, go to Admin > System Settings > Access Rules.

Navigating to the Access Rules settings


Adding a LibAuth authentication rule

  1. Under LibAuth Authentication Rules, click on the  Add Rule button.
  2. Select the Rule Type you want to add:
    • Site Rule: this will apply your LibAuth restriction to all public pages of your site.
      • Note: if you have exactly one LibAuth configuration in place, users will be directed to your LibAuth login page instead of the LibApps login page.
    • Group Rule: this will apply your LibAuth restriction to a specific group and its guides. This will apply to both the public and admin sides of LibGuides (so if a user is outside of the LibAuth range, they can neither view nor edit guides in that group).
    • Guide Rule: this will apply your LibAuth restriction to a specific guide. This will apply to both the public and admin sides of LibGuides (so if a user is outside of the LibAuth range, they can neither view nor edit that guide).
    • E-Reserves Rule: if you subscribe to the E-Reserves module, this will apply to all public e-reserves pages.
  3. If you select either a Group Rule or Guide Rule, select which group or guide to which this rule should apply.
  4. Select the LibAuth Configuration you want to use. This is the system users with which users will authenticate.
  5. If you selected a CAS or SAML/Shibboleth/ADFS configuration, you can optionally select one of your configuration's group permissions to this access rule. This can allow you to implement a more specific restriction.
    • For example, if your LibAuth configuration has a group permission for library staff, you could apply that to your staff intranet group in LibGuides. That way, only authenticated users who belong to the library department would be able to view guides in that group.
    • Consult with your LibApps admin and IT staff for help creating your own group permissions in LibAuth.
  6. Optionally, you can add a note to this rule to describe what it covers, who it should include, etc.
  7. Click the Save button.

Clicking the Add Rule button

Adding a new LibAuth access rule


Managing LibAuth Authentication rules

  1. To edit a rule's name, object, and/or LibAuth configuration, click on its Edit () icon in the Actions column.
  2. To remove an access rule, click on its Delete () icon in the Actions column.
    • If other rules still apply to that content, then the users covered by the deleted rule will no longer have access to it.
    • If no other rules apply to that content, then the content will no longer be restricted by LibAuth authentication.

Options for managing LibAuth access rules

Related Articles