Formstack Forms provides the ability to use your Single Sign On Identity Provider (IdP) as a password authentication method on a form. This can be important if you have a form that is collecting sensitive information from the user, is a form where only internal employees should have access to it, or for general locking down of the form without having to create a specific, unique password for the form.
This article will walk through the process of adding your provider and applying the setup as a password for your Formstack Form. If you are looking for the ability to use SSO Field Pre-fill to pre-fill a form via attributes from your authentication provider, please reference this article.
Adding Your SSO Provider
Applying Your Provider as a Password on Your Form
Adding Your SSO Provider -
- You first want to navigate to your Forms account. From the main page of the account, Click on your name/avatar on the top right of the page. This will open up a list of options. From there we want to select, "Form Authentication".
2. Once in the "Form Authentication" menu, you will see a button named, "Add Form Authentication". Select this button and you will be taken to the set up menu for your provider.
Note - Once your provider(s) have been set up, this "Form Authentication" menu is where you will see all of your providers listed.
Note - Once your provider(s) have been set up, this "Form Authentication" menu is where you will see all of your providers listed.
3. You will want to give a name for this provider set up as well as choose what type of authentication your provider is using. The most common today is SAML 2.0, but we also support the use of;
LDAP
Active Directory
CAS
Google SSO.
Active Directory
CAS
Google SSO.
4. Once you have entered the basic information, you will be presented with the detailed set up menu. You can either import your IdP metadata via URL, file, or via manual entry. Once you have entered this information, you will see the Formstack Service Provider Metadata at the bottom of the menu.
Applying Your Provider as a Password on Your Form -
1. To apply your Auth Provider as a password for your form, you will first want to go to the specific form you are wanting to apply the password to. Once in that form, you will want to click on the "settings" tab.
2. Once in settings, you will see a "security" option on the right hand side of the settings menu. Click that option.
3. Inside the security settings, click on the "form password" drop down menu and select, "Single Sign-On (SSO)" as the security option for the password. Once the option has been selected, you will be taken to the final menu for applying your auth provider as the form password.
4. Finally, select the auth provider you created from the drop down box and make sure to hit, "save". Your form is now password protected using your SSO auth provider.
While this setting is active, you should expect that any user that tries to access the form will be sent to a login portal for your SSO auth provider. They will need to use the username and password associated with your SSO settings. Once authenticated, they will be redirected back to the form and can then proceed filling it out.