This is where the security definitions defined in the Kapp are applied to the form.
Note: You don't need to specify security rules for a form unless you want to override what is defined at the Kapp level.
The Security tab has the following options:
- Anonymous: Indicates whether the form should allow for anonymous submissions. See Anonymous Forms for more information.
- Form Display: Controls who can see (and therefore submit) the form. It is not possible at this level to allow someone access to see but not submit the form. That would need to be controlled with rules on the front end, such as an advance condition, or within the workflow engine after submission (not to process or delete the submission).
- Form Modification: Controls who can change/update the form. This is often set to a security definition that includes form developers and platform admins.
- Submission Display: Controls who can see submissions. This is often set to the submitter of the submission and platform admins. Submission Display access also becomes important when retrieving search results. Searches will error if they contain too many (>25) submissions the user cannot access. This is something to remember when determining access for various forms and when constructing search queries.
- Submission Modification: Controls who can modify a particular submission. This is often set to the submitter of the submission and platform admins.
Anonymous forms allow you to capture data from your target audience without knowing who they are. The Anonymous feature is typically used for surveying employees or customers without revealing their identity, even if they are users in other areas of the Kinetic system.
When the Anonymous feature is enabled, submitting, closing, or otherwise updating a submission sets the submittedBy, updatedBy, and closedBy properties will all be set to "Anonymous".
Forms set as Anonymous and forms that allow unauthenticated users to submit are not the same.
Select the Anonymous checkbox on the Security tab to set a form to be Anonymous. This tells the application not to capture any of the information about the user who submitted it.
Forms can be set up to require the user to log in without capturing the submitter's information or to be public and without requiring a login.
To make a form public so that users don't need to be logged in, you can do one of the following:
- Set the form's "Form Display" security policy to "Everyone" for submitting a new submission
- Set the form's "Submission Access/Modification" security policy to "Everyone" if they are pre-generating a submission and sending it as a link (for example, when filling out a survey).
Important: If a user is logged in and you have a Bridge that is fetching the user's information and setting a field (such as the "Requested By/For" field), that information will still be captured and stored as a field value – even if the form is set to Anonymous.
If you want your forms to be truly anonymous, you'll need to disable any Bridges that are fetching user info and setting that data into fields.
Updated 16 days ago