Automatic Profile Creation in Talis Aspire Reading Lists

Talis Aspire Reading Lists supports the automatic creation of user profiles when a user logs in for the first time, and the continued update of that profile if changes to names and email addresses are made in university identity management systems.

This article describes what information to send and how to send it in order to make use of this functionality.

AutoProfileDiagram.001.jpeg

From the users perspective

If the student or academic has never logged in before, a profile will be created and filled out for them using the attributes in the SAML login conversation. This happens behind the scenes and won't prompt the user to take any specific action. They will be able to get on with adding reading intentions, creating bookmarks, or whatever else it was they were going to do.  We remove a potential friction point in the new user's experience. The user's Job Role is only updated at profile creation and can be changed later if needed.

For existing users, the profile first name, surname and email address will be replaced with the info in the attributes sent through the SAML login conversation if they have changed or are different to the ones in their current profile.

For all users the names and email address fields will no longer be editable as we will be deferring to the university identity management systems to be providing this.

On The University Side

You will need to send us the following four pieces of information to fill out the required fields in Talis Aspire. These should be sent as SAML attributes.

Talis can not help you with configuring your specific SAML IDP, as each University will have its own specific mix of authentication systems and data flows. The administrator of your University SAML2 Identity Provider (IDP) will need to do this for you.

SAML Attribute Name in the eduPerson Object Class Specification Talis Aspire Profile Field Description
One of the following:
givenName
urn:mace:dir:attribute-def:givenName
urn:oid:2.5.4.42

Official documentation

First Name The first or given name of the user
One of the following:
sn
urn:mace:dir:attribute-def:sn
urn:oid:2.5.4.4

Official documentation

Surname The Family or Surname of the user
One of the following:
mail
urn:mace:dir:attribute-def:mail
urn:oid:0.9.2342.19200300.100.1.3

Official documentation

Email Address The email of the user. Note that a profile will not be created if the email address is already in use by another profile.
urn:oid:1.3.6.1.4.1.5923.1.1.1.9

Official documentation

I'd describe myself as  staff is mapped to 'academic' and any other value is mapped to 'undergraduate'. See Notes for more info.

If the SAML attribute names do not appear exactly as described above, then the value will not be included in the user's profile. Additional attributes may be mapped if required, but we'd need to discuss this with you.

On the Talis Side

You will need to raise a support ticket asking us to enable this on your tenancy.

Talis will ask you some questions, and help you test that the required parameters are being passed correctly, and then once ready, they will configure this for you.

Important Notes

  • Users can not edit their names, and emails in their Talis Aspire profile after Auto Profile is enabled. All changes for names and emails would be fed through from the university provided SAML attributes.
  • Profile name, surname and email are automatically updated on every login if those values change in the SAML attributes.
  • If no value is sent through the SAML attributes for a name or email address, the field in Talis Aspire will keep its existing value.
  • The I'd describe myself as field in Talis Aspire is only used for reporting purposes and Users can change this as they wish. It is known as 'Job role' in the all list users report. It is only mapped at the first time a user logs in and their profile is created.
  • No permissions or privileges are granted to the user by the use of the scoped affiliation.
  • The specification only defines a limited set of possible values for the scoped affiliation. faculty, student, staff, alum, member, affiliate, employee, library-walk-in.
    • In Talis Aspire, staff is mapped to 'an academic' and anything else is mapped to 'an undergraduate'. There is no direct mapping for any other values.
  • To assign a list owner or publisher role, an academic would still need a profile and therefore log into the system at least once before a list can be assigned to them. 
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk