Changes Coming Soon
We will be retiring support for CAS in June of 2021. To utilize SSO to login into the Formstack platform after this date, please configure your identification provider for SAML 2.0. This does not apply to External Form Authentication, where CAS, LDAP, and Active Directory will remain active.
To prepare for a successful CAS (Central Authentication System) configuration on your Formstack Account, we have prepared a brief introduction and overview of our CAS configuration including basic terminology and uses. CAS may be used in conjunction with Single Sign-On (SSO) Authentication (only available on Enterprise plans)
Once you have gathered these details, you may proceed with your CAS setup in your Formstack account following this guide. Before enabling CAS on your Formstack Account, please familiarize and prepare the following authentication assets from your CAS Service Provider. The integration configuration guide can be accessed here.
Be sure to thoroughly test your settings before confirming them. It’s also a good idea to provide an alternative login option until you have confirmed that these settings work as intended or as a back-up method.
1. CAS (Redirect Authentication Provider)
CAS stands for Central Authentication Service and is a popular standard among higher education institutions. It commonly sits in front of a third-party authentication system such as LDAP or Active Directory and allows authentication to those systems without requiring a complicated LDAP setup. Unlike our other authentication providers, CAS doesn't provide an email address when returning the authentication result to Formstack, and that requires that the account owner manually add usernames to existing Formstack users. Formstack will then match the returned username for the authenticating user to a Formstack user and log the user in as that user.
Other than having to map external usernames to users, CAS is one of the easier authentication providers to setup and only requires three settings.
2. CAS Hostname
This setting is the hostname of the URL to use when redirecting the authenticating user.
3. CAS Port
This setting is the port of the URL to use when redirecting the authenticating user.
4. CAS Context
This setting is the context to add to the URL to use when redirecting the authenticating user. It allows the account owner to target a specific CAS implementation on the external authentication system.
Custom SSO User Fields
Within your CAS configuration, you will also be presented with a Single Sign-On (SSO) Autofill plugin that allows your users to populate fields on your forms with information from a selected SSO Provider and populate in your CAS Authentication settings page in Formstack:
Custom Field Key: Locate the custom field is your CAS account and retrieve the field unique identifier or field key ID. Copy this from CAS and paste to your Formstack account.
Custom Field Label: Copy the field label from the CAS account and paste to your Formstack account.
To complete the SSO Auto-fill mappings, please follow the setup steps outlined here.