About Features Downloads Getting Started Documentation Events Support GitHub

Site Tools

Warning: This page has not been updated in over over a year and may be outdated or deprecated.


VuFind® offers several options for allowing users to log in and out of the system.

By default, VuFind® will manage its own database of user accounts. This configuration can be changed to use a variety of external systems.

Supported Options

Currently, VuFind® supports the following options in the [Authentication] section of config.ini.

Basic Options:

  • AlmaDatabase - Use VuFind®'s built-in user database in combination with Alma
  • CAS - Use the Central Authentication Service
  • Database - Use VuFind®'s built-in user database
  • Facebook - Use Facebook's login mechanism (not recommended)
  • ILS - Use your integrated library system, through the ILS driver.
  • LDAP - Use the Lightweight Directory Access Protocol
  • PasswordAccess - Require a single password (not username/password combination) for access (useful for simple password protection of entire instances)
  • Shibboleth - Use Shibboleth single sign-on
  • SIP2 - Use the SIP2 “Standard Interchange Protocol”

Advanced Options:

  • ChoiceAuth - Allow the user to choose between several of the Basic Options.
  • Email - Allow the user to log in using a link in an email sent to the address associated with an existing account (best used with ChoiceAuth or certain ILSes). When using, you should run the “util expire_auth_hashes” command line utility periodically to clean up expired hashes from the database.
  • MultiAuth - Attempt a serial chain of Basic Options without providing user choice (not all options supported).
  • MultiILS - Attempt a serial chain of ILS authentication configurations (for use in a consortial environment).

It is always worth checking config.ini for additional options, in case more have been added since the last update to this document.

configuration/authentication.txt · Last modified: 2023/03/28 12:13 by andre_l