Completing Prerequisites for SAML Authentication
Before you can configure SAML authentication, you must ensure that the necessary prerequisites are completed for the type of authentication you want to set up.
To check the prerequisites on your system:
- Sign on to the Sierra Administration Application.
- In the Back End Management section, click SAML Configuration. The system displays the Management tab.
- Locate the Server Status section, and review the messages.
If all prerequisites are met, the system displays the message, "The system is ready". You can continue to the next step (configuring an identity provider).
Otherwise, you must address any error messages if they affect the type of SAML authentication you want to configure (that is, patron vs. staff). Possible messages include:
- Patron auth cannot be enabled as patron PINS are not enabled on the server.
- Contact Innovative to enable PINs on your system. SAML authentication requires the use of a PIN.
- Patron auth cannot be enabled as patron indexes do not appear to be set up.
- Contact Innovative to set up a patron index. SAML and native authentication require an indexed field that contains a unique value to find patron records. This value is chosen by your library (typically the barcode field is used).
- Staff auth cannot be enabled as secure SDA connections are not set up.
- Contact Innovative to enable secure encryption (stunnel). For more information, see Secure Encryption in the Sierra Desktop Application.
-
Webpac configuration is incomplete.
-
There is a problem with your WebPAC configuration that will prevent you from testing your SAML configuration. This affects both patron and staff authentication. Contact Innovative to resolve this issue.