Skip to main content

Form Post Begin Site Configuration Guide

Introduction

Use this guide to enable a SecureAuth IdP realm to utilize a Form Post begin site.

At this begin site, SecureAuth IdP can receive a form post from an application and extract the user ID, password, and the shared secret. From there, the end-user follows the SecureAuth IdP workflow configured in the realm (e.g. Multi-Factor Authentication) without requiring to enter the user ID or password, and is asserted to the Post Authentication target.

Prerequisites

1. Have access to Application X to configure the form post information

2. Create a New Realm or edit an existing realm to which Form Post applies in the SecureAuth IdP Web Admin

3. Configure the following tabs in the Web Admin before configuring for Form Post:

  • Overview – the description of the realm and SMTP connections must be defined

  • Data – an enterprise directory must be integrated with SecureAuth IdP

  • Workflow – the way in which users will access the target must be defined

  • Multi-Factor Methods – the Multi-Factor Authentication methods that will be used to access the target (if any) must be defined

  • Post Authentication – the target resource or post authentication action must be defined

  • Logs – the logs that will be enabled or disabled for this realm must be defined

SecureAuth IdP Configuration Steps

Workflow

44833007.png

1. In the Custom Identity Consumer section, select Token from the Receive Token dropdown

2. Select True from the Require Begin Site dropdown

3. Select Form Post from the Begin Site dropdown

4. FormPost.aspx auto-populates in the Begin Site URL field

5. Set the Get Shared Secret to a value between 1 and 223 if the Shared Secret information is to be posted (step 6)

Form Post

44833008.png

6. Select the information that will be posted from the Validation Mode dropdown

If Validate User ID + Shared Secret or Validate User ID + Password + Shared Secret is selected, then the Get Shared Secret field must be set to a value (step 5)

Warning

Click Save once the configurations have been completed and before leaving the Workflow page to avoid losing changes

Application X Configuration Steps

The following case-sensitive variables must be sent in the form post by the application:

  • UserID – The ID of the end-user to validate

  • Password – The password of the end-user to validation (required if validating password in step 6 of SecureAuth IdP Configuration Steps)

  • Mode – Public/Private

  • SharedSecret – Required if validating shared secret in step 6 of SecureAuth IdP Configuration Steps

Troubleshooting / Common Issues

The query string value ?Debug=True can be added to the FormPost.aspx page to view debug information about the form post values