The page addresses well known issues users may encounter with Single Sign on (SSO), which is enabled for the our resources via OpenAthens as well as the Library Catalog.
As NOAA Library leverages NOAA's Single Sign On, a large portion of this documentation is largely based on the NOAA ICAM's help documentation, but has been customized to provide more context to specify how it SSO interacts with Primo.
If you simply interested in the the NOAA SSO process and would like to see a general walkthrough, visit the the following page (available for NOAA staff only)
The section aims to walk you through some common troubleshooting steps if you are experiencing issues with NOAA SSO.
"Unable to find your CAC/PIV info in our directory" message
If you receive this message, you nevertheless should be able access library resources via NOAA SSO. You just need to take the steps listed below.
Either open a new browser window in private mode (Incognito for Chrome, Private Window for Firefox, InPrivate for Edge) and begin the SSO process again, however, when you are prompted to select your certificate, click on the cancel button.
In clicking cancel, you should see the message - "Unable to read the certificate on your smart card". Click the teal continue button.
In clicking continue, you will be prompted to enter your NOAA Username and Password. For your NOAA Username, do not enter @noaa.gov at the end.
During the SSO process, you should be prompted to select a certificate - see more information on ICAM's SSO Login Steps page.
If not, there are two possible issues with not getting prompted to choose a certificate during SSO login:
You see this message after five failed login attempts, your ICAM account gets locked. This is an automate process and your account will be unlocked automatically after 5 minutes. You can try logging in after 5 minutes. If you don't remember your password, contact your local IT department for a password reset request.
Any change to a user email address must also trigger an update to any CAC associated with the address. It is suggested that the CAC card not be changed until shortly after the new address actually exists and is in use. Scheduling this is a local responsibility. Failure to update your CAC would cause NOAA SSO login issues.
After updating your CAC, it may take up to a week for this update to be reflected in ICAM.
It may take up to one week for ICAM reflect updated CAC date. This process involves the cleanup of the old certificate and the population user's profile with the new certificate which may take several days.