SAML Authentication Setup 


In this Article
Related Articles

Overview

SAML (or Security Assertion Markup Language) for FormAssembly users is a method for ensuring that data transmissions are secure.  Enterprise users can currently request for SAML Single Sign On to be enabled on their instance. This will allow the users to sign into their FormAssembly account using their SAML credentials.  

Enabling this feature will restrict access to your forms by only allowing users who can be authenticated by your SAML server to access a form. 

If you are interested in setting up SAML authentication with Salesforce as the identity provider, you can find more information here.

Without entering your instance as an SP into your Identity Provider (IdP), the SAML authentication will not be successful.


Requirements


SSO Setup

  1. Admin Dashboard
  2. Click Settings and then Application from the left side menu
  3. New SAML section at bottom
  4. Click Configure SAML
    • If you're not currently logged in, you'll receive a popup that says You're not currently authenticated with your SAML Server.  Click OK on the popup and log into your SAML Domain.
  5. Under Update Method, choose your metadata option
    • Metadata URL Endpoint
      • This is provided by the Identity Provider.  
      • Enter your URL Endpoint
      • Select Update Domain
    • Metadata File
      • This is provided by the Identity Provider.  
      • Upload your Metadata File
      • Select Update Domain
    • Manual (Advanced)
      • Add SAML data manually.  
      • After entering your data manually, click Apply.
      • Select Update Domain
  6. After changes have been saved, your domain is set up and more options are shown for updating.
  7. Click Retrieve Attributes
    • If you're not currently logged in, you'll receive a popup that says You're not currently authenticated with your SAML Server.  Click OK on the popup and log into your SAML Domain.
  8. Your IDP attributes will be shown in the User Authentication Table.  
  9. These attributes will be disabled by default so you can enable the attributes that you'd like to use.
  10. Select Unique SAML attribute in your dropdown
    • If you do not select a unique SAML attribute dropdown, you'll receive a red error that your changes were not saved.
    • Your unique SAML attribute must be enabled to be used.
  11. Select Authentication formula if needed.
  12. Click Apply to save your changes
  13. Access your All Users list.  Edit Users that need to use SSO and select SSO under the Authentication Type dropdown.
  14. Users will use the unique attribute to log in. (How does this work?)

SAML Form by Form Authentication Initial Setup

  • From the Forms list, hover over Configure and select Processing
  • Choose Allow Responses from SAML Authenticated Users
  • Click Configure under Allow Responses from SAML Authenticated Users dropdown box
  • Under Update Method, choose your metadata option
    • Metadata URL Endpoint
      • This is provided by the Identity Provider.  
      • Enter your URL Endpoint
      • Select Update Domain
    • Metadata File
      • This is provided by the Identity Provider.  
      • Upload your Metadata File
      • Select Update Domain
    • Copy from Form
      • This is used to copy the SAML settings and setup from another form already using SAML Authentication in your instance.
      • Enter the ID of a form that already has SAML Authentication setup
      • Select Update Domain
    • Manual (Advanced)
      • Add SAML data manually.  
      • After entering your data manually, click Apply.
      • Select Update Domain
  • After changes have been saved, your domain is set up and more options are shown for updating.
  • Click Retrieve Attributes
    • If you're not currently logged in, you'll receive a popup that says You're not currently authenticated with your SAML Server.  Click OK on the popup and log into your SAML Domain.
  • Choose Attributes
  • Your IDP attributes will be shown in the User Authentication Table.  
  • These attributes will be disabled by default so you can enable the attributes that you'd like to use.
  • Select Unique SAML attribute in your dropdown
    • If you do not select a unique SAML attribute dropdown, you'll receive a red error that your changes were not saved.
    • Your unique SAML attribute must be enabled to be used.
  • Select Authentication formula if needed.
  • Click Apply to save your changes
  • You can test your settings by viewing the form which will now require a login.

SAML Prefill Connector Setup

  • Ensure SAML Authentication is setup on the Processing page of your form.  Follow the steps above to enable.
  • To enable the SAML prefill connector, click Connectors on the form you'd like to set up
  • Next, drag in the SAML Prefill Connector into the view section of the timeline and click Configure.

If Step 1 shows SAML Authentication for Form Respondents is disabled, you'll need to configure your SAML Authentication.

  • Then map the fields in your form to the SAML session attributes that you would like to fill those fields.
  • When you're finished, click Apply

  • You're now ready to begin testing your SAML authentication and connector!



Terms of Service · Privacy Policy