SAML Authentication 

In this Article
Related Articles

What is SAML?

SAML (or Security Assertion Markup Language) is a method for ensuring that data transmissions are secure, and, in the case of FormAssembly, for making sure that only certain authorized respondents are able to access your forms.  This feature is currently available for all users at the Enterprise Plan level.

Enabling this feature will restrict access to your forms by only allowing respondents who can be authenticated by your SAML server to access a form. Respondents without a valid username and password will not be able to access any form where you have enabled SAML authentication.  Additionally, respondents who are not logged in to your SAML identity provider will be automatically redirected and asked to log in, prior to accessing the protected form.

SAML authentication can also be used in conjunction with our Save & Resume feature.  Respondents who are authenticated through SAML will not need to enter a username or password, and can use their SAML credentials for saving and resuming forms.

If you are interested in setting up SAML authentication with Salesforce as the identity provider, you can find more information here.

Note that you will need to email your SAML metadata to with "SAML Setup" as the subject line.

Note: Once we have your metadata, you will need to access your instance's Service Provider (SP) metadata: - where "instance" is equal to the name of your Form Assembly instance.

Without entering your instance as an SP into your Identity Provider (IdP) the SAML authentication will not be successful.

SAML Authentication Setup Instructions

In order to enable SAML authentication, please log in to your SAML identity point and follow these steps:

  • On the Processing page, go to Allow Responses From and select SAML Authenticated Users
  • Then click Configure

  • Next, check that you would like to Enable SAML authentication and click Test.

Note: If you are not logged into your SAML identity provider, you will receive a pop-up a message asking you to do so.

  • Provided you are logged in to your SAML identity provider, after you click test, a list of SAML attributes and aliases will be shown. You can choose to enable those that you would like to use.

  • Once you have selected the attributes you would like to use, click apply.

SAML Prefill Connector

  • To enable the SAML prefill connector, begin by going to your Connectors page for the form you're working with
  • Next, drag in the SAML Prefill Connector into the view section of the timeline and click Configure.
  • Then map the fields in your form to the SAML session attributes that you would like to fill those fields.
  • When you're finished, click Apply

  • You're now ready to begin testing your SAML authentication and connector!

NameID Troubleshooting

If you are still not able to connect after setup, you may need to double check your NameID.

This is a common issue with ADFS.  Please review the following two articles for more information, NameID is missing and ADFS did not pass NameID.

Video Tutorial

Note: This video was created in our legacy interface. If you are using our new, Gemini interface, it will look different but the setup and implementation steps will be the same. If you run into any difficulty, please send support a message and we will help you resolve whatever issue you may be having.
Terms of Service · Privacy Policy