Authenticated web forms

The Access sub-tab (located under the Settings tab) allows you to set permissions to determine who has access to a form, with the exception of users with the form editor role, who will always have full access to the form regardless of the settings.

In most cases, you are only concerned with who can view and submit the form (“create submissions”). The other actions on this tab allow you to add specific users in addition to those that would have access automatically.

1 Getting there
- 1.1 Controlling who can view and submit forms
  - 1.1.1 Everyone
  - 1.1.2 Users who are logged in
  - 1.1.3 Users specified by Active Directory groups
  - 1.1.4 Users specified below
  - 1.1.5 Users who are logged out (for anonymous submission)
2 Editing and saving settings

Getting there

From the administration bar, select Workbench, and then select My Dashboard.
Navigate to the Forms list.
Locate the form you want to configure and select the drop-down menu under the Operations column.
Select Settings.
The settings for the form will then open, select the Access sub-tab (under the Settings tab).

Controlling who can view and submit forms

The CREATE SUBMISSIONS section has are several different options, each described below.

Please note, it is not possible to choose more than one option.

Everyone

The form does not require login to access, and can be used by all users, regardless of login status.

Users who are logged in

The form requires login to access, and can be used by all logged in users.

Users specified by Active Directory groups

By selecting this option, Access Control by Active Directory Group, Submissions, and Test Webform fields will become available.

The form requires login to access, but can only be used by users who meet the group requirements.

To only allow submission by specific groups, add the group names to the “limit” section, one per line, and leave the “prevent” section blank (anyone not a member of at least one of the groups is automatically prevented from having access.

To allow submission by anyone except specific groups, add the group names to the “prevent” section, one per line, and leave the “allow” section blank (anyone who is not a member of any of the groups is automatically allowed access).

By entering groups in both the “allow” and “prevent” sections, you are saying that you want to limit access to users who are in at least one of the allowed groups, unless they are in one of the prevented groups.

Active Directory groups may sometimes be referred to by a number of other names, including but not limited to “ADFS groups”, “security groups”, or “Nexus groups”. The WCMS gets its group information from the campus’s ADFS implementation.

Some commonly used groups:

IdM-HR-employee (anyone who is employed by the University)
IdM-HR-faculty (any faculty)
IdM-HR-retiree (any retiree)
IdM-alumni (any alumni)
IdM-SA-student (any registered student)

There is not a group that specifically identifies non-faculty staff. To limit form access to just staff, set the “limit” section to IdM-HR-employee and the “prevent” section to IdM-HR-faculty.

Users specified below

The form requires login to access, and can only be used by specified users.

Users must be added to the site to be given access. When entering multiple users, separate each with a comma.

Users who are logged out (for anonymous submission)

The form requires that users be logged out to access, and cannot be used by logged in users.

Editing and saving settings

When making changes, you must work one sub-tab at a time. Changes will be lost if you switch to another sub-tab without saving.

Select the desired sub-tab.
Make the desired changes.
Select Save.