Logging Into the Staff Web Client

Getting into ILLiad's Staff Web Client is straightforward, but the exact method depends on how your institution has set things up. You might use a traditional username and password, your institutional credentials through single sign-on, or even biometric authentication on mobile devices. Let's walk through each option so you know what to expect.

Using Your ILLiad Username and Password

If your library uses ILLiad's built-in authentication, you'll log in with credentials created specifically for the ILLiad system. This is the traditional approach many libraries have used for years.

When you navigate to your Staff Web Client URL, you'll see a clean login screen with two fields: username and password. Simply enter the credentials your administrator provided when your account was created. If this is your first time logging in, you might be prompted to change your password to something only you know.

Your password needs to be secure – typically at least 8 characters with a mix of uppercase and lowercase letters, plus at least one number. Some institutions require special characters too. Think of it as the key to your library's ILL operations, so make it strong but memorable.

The "Remember Me" checkbox is a convenient feature that keeps you logged in for up to 30 days on that specific device. It's perfect for your personal workstation, but never use it on shared computers. When you're working from a public terminal or a shared circulation desk computer, always skip this option and log out completely when you're done.

Single Sign-On (SSO) – One Password for Everything

Many institutions have moved to single sign-on, which means you use the same credentials for ILLiad that you use for email, HR systems, and other institutional resources. This is incredibly convenient – no more password sticky notes!

When SSO is enabled, you'll see a "Sign in with SSO" button on the login page. Click it, and you'll be redirected to your institution's familiar login page. This might be your university's portal or your library system's authentication screen. Log in there as you normally would, and you'll automatically be returned to ILLiad, already signed in.

The first time you use SSO with ILLiad, the system needs to connect your institutional identity with your ILLiad staff account. This usually happens automatically, but if you see an "Account not found" message, don't panic. Just contact your ILLiad administrator – they'll link your accounts, and you'll be all set for future logins.

Multi-Factor Authentication – Extra Security When You Need It

Some libraries add an extra layer of security with multi-factor authentication (MFA). After entering your password, you'll need to provide a second form of verification. This might seem like an extra step, but it significantly improves security, especially important when you're handling patron data.

The most common MFA method uses an authenticator app on your phone. Apps like Microsoft Authenticator, Google Authenticator, or Duo Mobile generate a new 6-digit code every 30 seconds. When prompted, just enter the current code from your app. The first time you set this up, you'll scan a QR code with your phone to link your account.

Some institutions offer alternatives like text messages or email codes. While these work, authenticator apps are more reliable and don't depend on cell service or email delivery delays.

Here's a crucial tip: When you set up MFA, the system will give you backup codes. Save these somewhere secure – not on a sticky note! If you lose your phone or can't access your authenticator app, these codes are your lifeline to get back into the system.

Logging In from Mobile Devices

The Staff Web Client shines on mobile devices, adapting its interface for touch screens and smaller displays. The login process works the same as on desktop, but with some mobile-specific enhancements.

On iPhones and iPads, you can use Touch ID or Face ID to log in after your initial authentication. The first time you sign in, Safari will ask if you want to use biometric authentication for this site. Accept this offer – it makes future logins as simple as looking at your phone or touching the home button.

Android devices offer similar convenience with fingerprint authentication. After your first successful login, Chrome will prompt you to use your fingerprint for future sessions. Your biometric data never leaves your device – it just unlocks your saved credentials.

Password managers work beautifully with the Staff Web Client. Whether you use your browser's built-in manager or apps like 1Password or LastPass, the login fields are properly labeled for automatic detection and filling.

Managing Your Sessions

Once you're logged in, it's helpful to understand how ILLiad manages your session. As long as you're actively working, you'll stay logged in. But if you step away for 30 minutes (or whatever timeout your administrator has set), you'll need to log in again. This automatic logout protects patron data if you forget to sign out.

You can be logged in on multiple devices simultaneously – your desktop computer, tablet, and phone can all have active sessions. This is perfect for staff who move between service points or work both at the desk and in the stacks. Logging out of one device doesn't affect the others.

The "Remember Me" feature extends your session up to 30 days, but there's still a maximum session length (usually 8 hours) before you need to re-authenticate. This balance keeps things convenient while maintaining security.

When Things Don't Work

"Invalid Username or Password" – First, check that caps lock is off. Make sure you're using your staff credentials, not your patron account. If you're still having trouble, try resetting your password or check with your administrator to ensure your account is active.

"Account Locked" – Too many failed login attempts will temporarily lock your account. Wait 15 minutes and try again, or contact your administrator for an immediate unlock.

SSO Problems – If SSO isn't working, try clearing your browser's cookies and cache, or use an incognito/private browsing window. Sometimes institutional login systems have their own issues, so check if colleagues are experiencing similar problems.

MFA Troubles – Authenticator apps are sensitive to time differences. Make sure your phone's time is set to automatic. If your code isn't working, try waiting for the next code to generate, or use one of your backup codes.

Keeping Your Account Secure

Good security habits protect not just your account, but your patrons' information too. Use a unique password for ILLiad – don't recycle your Netflix password here. If your institution doesn't require it, consider enabling MFA anyway for extra protection.

Always lock your computer when stepping away, even briefly. On shared computers, close all browser windows after logging out to ensure your session is completely ended. And if you ever see a login page that looks suspicious or asks for information beyond your username and password, stop and verify you're on the correct site.

Getting Help

Can't get in? Start by checking if ILLiad is up and running – your institution might have a status page. Try a different browser to rule out browser-specific issues. If you need a password reset and self-service isn't available, your ILLiad administrator can help.

Your administrator is your go-to person for all access issues. They can reset passwords, unlock accounts, help with MFA problems, and ensure your permissions are set correctly. Don't hesitate to reach out – getting you logged in and productive is part of their job.

Once you're successfully logged in, you're ready to explore the Staff Web Client's features. Your permissions determine what you'll see and what you can do, so let's look at Understanding User Permissions next.

Using Your ILLiad Username and Password​

Single Sign-On (SSO) – One Password for Everything​

Multi-Factor Authentication – Extra Security When You Need It​

Logging In from Mobile Devices​

Managing Your Sessions​

When Things Don't Work​

Keeping Your Account Secure​

Getting Help​