About Features Downloads Getting Started Documentation Events Support GitHub

Site Tools

Warning: This page has not been updated in over over a year and may be outdated or deprecated.


VuFind offers several options for allowing users to log in and out of the system.

By default, VuFind will manage its own database of user accounts. This configuration can be changed to use a variety of external systems.

Supported Options

Currently, VuFind supports the following options in the [Authentication] section of config.ini.

Basic Options:

  • AlmaDatabase - Use VuFind's built-in user database in combination with Alma
  • CAS - Use the Central Authentication Service
  • Database - Use VuFind's built-in user database
  • Facebook - Use Facebook's login mechanism (not recommended)
  • ILS - Use your integrated library system, through the ILS driver.
  • LDAP - Use the Lightweight Directory Access Protocol
  • PasswordAccess - Require a single password (not username/password combination) for access (useful for simple password protection of entire instances)
  • Shibboleth - Use Shibboleth single sign-on
  • SIP2 - Use the SIP2 “Standard Interchange Protocol”

Advanced Options:

  • ChoiceAuth - Allow the user to choose between several of the Basic Options.
  • Email - Allow the user to log in using a link in an email sent to the address associated with an existing account (best used with ChoiceAuth or certain ILSes). When using, you should run the “util expire_auth_hashes” command line utility periodically to clean up expired hashes from the database.
  • MultiAuth - Attempt a serial chain of Basic Options without providing user choice (not all options supported).
  • MultiILS - Attempt a serial chain of ILS authentication configurations (for use in a consortial environment).

It is always worth checking config.ini for additional options, in case more have been added since the last update to this document.

configuration/authentication.txt · Last modified: 2019/12/17 20:55 by demiankatz