CAS Authentication 

In this Article
Related Articles


Central Authentication Service, or CAS, is a single sign-on (SSO) protocol used by many organizations. In general, CAS allows users to log in once within an organization and then become authenticated everywhere within the organization. With FormAssembly, this means that your forms can only be submitted by respondents who have authenticated through CAS.  And, in combination with the CAS Prefill Connector, you can easily import attribute data directly into your forms.

The following instructions will show you how to set up your FormAssembly form so that only form respondents authenticated by a specific CAS provider (such as your enterprise or educational institution) can access the form.  

When using CAS authentication, form respondents will be taken to your standard CAS login screen when trying to access a form that is behind CAS authentication.

Getting Started

The CAS integration is available on FormAssembly Team plans or above.

The CAS system is complex and has several variations your institution may employ. Because of this, there are a few items you'll need before you begin this process:

  • The contact information for your institution's CAS administrator. Several of the changes below will need to be made on the CAS server-side, or will need information specific to your organization's CAS setup that only the administrator can provide.
  • An already created FormAssembly form. If you haven't set up an outline of your form yet, do that first before continuing with these instructions.
  • Credentials in the CAS system for a test user of the same type that will be completing the form. Often this will be at a lower access level than you, so you'll want to make sure you have test credentials that are appropriate.

Configuration Steps

Prior to enabling and setting up the CAS Prefill Connector, you will need to authenticate the CAS Connector to make sure that you are properly connected. You can do this by following these steps:

1. In the Processing page for your form, change Allow Responses from: from Anyone to CAS Authenticated Users.

2. Click the configure option that appears next to the setting you just changed.

3. In the CAS Authentication for Form Name screen, scroll to Step 1. In URL of CAS Endpoint, enter the URL of your CAS endpoint including its port number.

Note: This may be the first part where you need your CAS administrator's assistance. If you do not know the URL of your CAS endpoint, contact your administrator and send them a link to this document.

4. Next, under Type of CAS Server, leave the default setting of 2.0 unless you were told otherwise by your CAS administrator.

5. Also leave Skip SSL Verification on CAS Server checked unless told otherwise by your CAS administrator (as shown above).

6. Under Step 2: Test Connection, click Test. If you're not already logged into your CAS system, this will open a pop-up window for you to authenticate into your CAS instance. Once that authentication is complete, the window will close.

7. Step 3: Select CAS Attributes will now populate with options.

8. Choose the CAS attributes you'd like to be available on the FormAssembly instance as it authenticates your users. Be sure to select only the options that you'll need access to in your form, in order to reduce the time and memory footprint of the CAS communication.

9. Save the authenticator configuration and attempt to view your form. You should not be able to access the form without being logged into your CAS system.

CAS Prefill Connector

In addition to allowing only authenticated users to access your forms, you can use the CAS Prefill Connector to automatically fill in data on your forms. You can visit our  CAS Prefill Connector setup page in our knowledge base for more information on this process.

Terms of Service · Privacy Policy