Form.com and Key Survey applications can be configured to allow the Single Sign-On via SAML 2 using Service Provider (SP) initiated POST binding scheme. (http://en.wikipedia.org/wiki/SAML_2.0#HTTP_POST_Binding).
This document describes the configuration settings in the application and on the Identity Provider side that should be made to make SAML Single Sign On possible.
Please note that when SAML is used, the user must exist in the application database. So before the user may authenticate, a user record must be created in the application with the User Login matching the User ID returned by the Identity Provider. Depending on the type of the user one of the following methods may be used to add users into the application:
If your account type is Branded/ Private Label, the parameters below have to be provided to FORM. If you have a Self-Hosted instance of the application, these parameters have to be added to the config.properties file of the application.
Response from Identity Provider
The application is expecting one user parameter in return from the identity provider - NameID, which must match the login name of a user in the FORM system. If the system cannot find the user with such login name, HTTP 401 error response will be sent to the user.
Single Sign-On Configuration Documentation
Below you may find the PDF documents with the full description of Single Sign-On configuration: