# Howard University

# Howard User Admin

Information about student information and other SSO integration

# Alma Just In Time SAML provisioning

[https://github.com/WRLC/AlmaSAMLJIT](https://github.com/WRLC/AlmaSAMLJIT)

# AlmaSAMLJIT

<div class="markdown-heading" dir="auto" id="bkmrk-">[<svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg>](https://github.com/WRLC/AlmaSAMLJIT#almasamljit)</div>Alma SAML Just-In-Time user provisioning configuration

XSL Transformation scripts for JIT SAML provisioning of user accounts

## Testing and development

<div class="markdown-heading" dir="auto" id="bkmrk--2">[<svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg>](https://github.com/WRLC/AlmaSAMLJIT#testing-and-development)</div>Here is a good basic introduction to XSLT: [https://www.w3schools.com/xml/xsl\_intro.asp](https://www.w3schools.com/xml/xsl_intro.asp)

You can get the SAML response from the IdP using a URL like this (eg. HOW IZ):

[https://wrlc-hu.alma.exlibrisgroup.com/mng/login?auth=SAML&amp;idpCode=HUAzSSO&amp;test\_mode=true](https://wrlc-hu.alma.exlibrisgroup.com/mng/login?auth=SAML&idpCode=HUAzSSO&test_mode=true)

The URL can be generated by the Test button on the SAML Integration Profile Actions page.

Once you have that SAML response in an XML file, test your transformation like so:

```
xsltproc HUalmauser.xsl SAMLresponse.xml | xmllint --format -

```

<div class="snippet-clipboard-content notranslate position-relative overflow-auto" id="bkmrk--4"><div class="zeroclipboard-container"><svg aria-hidden="true" class="octicon octicon-copy js-clipboard-copy-icon" data-view-component="true" height="16" version="1.1" viewbox="0 0 16 16" width="16"></svg></div></div>## Installing XSL Transformation scripts

<div class="markdown-heading" dir="auto" id="bkmrk--5">[<svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg>](https://github.com/WRLC/AlmaSAMLJIT#installing-xsl-transformation-scripts)</div>To configure SAML JIT user provisioning, go to the SAML profile in Alma **Configuration &gt; General &gt; Integration Profiles**. In the **Self Registration** section (at the bottom) select the *Active* radio button and the *Update user upon login* checkbox to enable JIT provisioning.

Click the folder icon button next to *XSL configuration file*, Open your XSLT file and click *Save* to install the XSLT script.

In the same way you can install an updated XSLT script when it says a file exists. For example, Howard's JIT configuration has to be updated every year (usually the first week or two of August) to update the hard-coded Expiry and Purge dates for another year out (eg. 2026 -&gt; 2027).

## Alma documentation

<div class="markdown-heading" dir="auto" id="bkmrk--7">[<svg aria-hidden="true" class="octicon octicon-link" height="16" version="1.1" viewbox="0 0 16 16" width="16"><path d="m7.775 3.275 1.25-1.25a3.5 3.5 0 1 1 4.95 4.95l-2.5 2.5a3.5 3.5 0 0 1-4.95 0 .751.751 0 0 1 .018-1.042.751.751 0 0 1 1.042-.018 1.998 1.998 0 0 0 2.83 0l2.5-2.5a2.002 2.002 0 0 0-2.83-2.83l-1.25 1.25a.751.751 0 0 1-1.042-.018.751.751 0 0 1-.018-1.042Zm-4.69 9.64a1.998 1.998 0 0 0 2.83 0l1.25-1.25a.751.751 0 0 1 1.042.018.751.751 0 0 1 .018 1.042l-1.25 1.25a3.5 3.5 0 1 1-4.95-4.95l2.5-2.5a3.5 3.5 0 0 1 4.95 0 .751.751 0 0 1-.018 1.042.751.751 0 0 1-1.042.018 1.998 1.998 0 0 0-2.83 0l-2.5 2.5a1.998 1.998 0 0 0 0 2.83Z"></path></svg>](https://github.com/WRLC/AlmaSAMLJIT#alma-documentation)</div>- [Alma SAML Integration Profile](https://knowledge.exlibrisgroup.com/Alma/Product_Documentation/010Alma_Online_Help_(English)/090Integrations_with_External_Systems/060Authentication/020SAML-Based_Single_Sign-On_Sign-Off)
- [SAML JIT Configuration Sample](https://developers.exlibrisgroup.com/blog/saml-jit-just-in-time-configuration-sample/)
- [Alma User Record Data Dictionary](https://developers.exlibrisgroup.com/alma/apis/docs/xsd/rest_user.xsd/)

note: ARK has completed on 8/1/2025