The Staff Member External ID Field

If your library's process for authenticating staff members requires an external ID, you can enter the ID on the Staff Member workform. Depending on your library's process, the external ID may be used during authentication when a staff member signs in to Leap or Polaris System Administration (web-based).

Note:
For more information about configuring authentication for Leap or Polaris System Administration (web-based), see the Polaris and OAuth 2.0 with OpenID Connect Integration Guide.

The External ID field displays the ExternalID value from the PolarisUsers database table. If you update the ExternalID field, your changes are written to the database.

An external ID maps a Polaris staff member to an ID used or provided by an external identity provider.

How the Authentication Process Uses the External ID

Staff authentication for Leap and for Polaris System Administration (web-based) is handled by one of the following identity providers:

• Active Directory and Active Directory Federation Services (AD FS)
• Azure Active Directory (Azure AD)

By default, during authentication, the system uses the user principal name (UPN) in the format of an email address to map a Polaris staff member to the corresponding Active Directory user or Azure AD user.

However, if an identity provider returns an ID that is not a UPN, or a UPN that is not in the same domain as the Polaris domain, you can configure the system to use the external ID to map the Polaris staff member to the corresponding identity provider user.

Note:
For information about enabling the use of the external ID in authentication, see the Polaris and OAuth 2.0 with OpenID Connect Integration Guide.