VuFind® offers several options for allowing users to log in and out of the system.

By default, VuFind® will manage its own database of user accounts. This configuration can be changed to use a variety of external systems.

Currently, VuFind® supports the following options in the [Authentication] section of config.ini.

Basic Options:

• AlmaDatabase - Use VuFind®'s built-in user database in combination with Alma
• CAS - Use the Central Authentication Service
• Database - Use VuFind®'s built-in user database
• Facebook - Use Facebook's login mechanism (not recommended)
• ILS - Use your integrated library system, through the ILS driver.
• LDAP - Use the Lightweight Directory Access Protocol
• PasswordAccess - Require a single password (not username/password combination) for access (useful for simple password protection of entire instances)
• Shibboleth - Use Shibboleth single sign-on
• SIP2 - Use the SIP2 “Standard Interchange Protocol”

Advanced Options:

• ChoiceAuth - Allow the user to choose between several of the Basic Options.
• Email - Allow the user to log in using a link in an email sent to the address associated with an existing account (best used with ChoiceAuth or certain ILSes). When using, you should run the “util expire_auth_hashes” command line utility periodically to clean up expired hashes from the database.
• MultiAuth - Attempt a serial chain of Basic Options without providing user choice (not all options supported).
• MultiILS - Attempt a serial chain of ILS authentication configurations (for use in a consortial environment).

It is always worth checking config.ini for additional options, in case more have been added since the last update to this document.