The following provides documentation on how to implement CAS Authentication in conjunction with Single Sign On (SSO) Authentication (only available on Enterprise plans). For directions on how to turn on Single Sign On Authentication start here.
CAS (Redirect Authentication Provider)
CAS stands for Central Authentication Service and is a popular standard among higher education institutions. It commonly sits in front of a third-party authentication system such as LDAP or Active Directory and allows authentication to those systems without requiring a complicated LDAP setup. Unlike our other authentication providers, CAS doesn't provide an email address when returning the authentication result to Formstack, and that requires that the account owner manually add usernames to existing Formstack users. Formstack will then match the returned username for the authenticating user to a Formstack user and log the user in as that user.
Other than having to map external usernames to users, CAS is one of the easier authentication providers to setup and only requires three settings.
This setting is the hostname of the URL to use when redirecting the authenticating user.
This setting is the port of the URL to use when redirecting the authenticating user.
This setting is the context to add to the URL to use when redirecting the authenticating user. It allows the account owner to target a specific CAS implementation on the external authentication system.