We have created a Qualtrics survey which needs to be filled out by all of our employees so we are using a contact list generated from our internal Active Directory. The SSO Authenticator tool forces login and looks up the user through an LDAP lookup in the tool.
When a user receives a personal link to the survey they are forced to login, as expected, capturing the embedded data fields such as their name and email from AD. The problem is if the user does not complete the survey, and clicks the personal link at a later date, the survey logs them in without authenticating using the form username/password page. Worse, if another user gets access to this personal link somehow, they are logged into the original user's survey (no LDAP lookup to check for authentication).
This form is to capture sensitive, personal information and we cannot assume a link in an email will never be seen or mistakenly shared so we require that the survey user is ALWAYS authenticated.
How can we achieve this?
Page 1 / 1
Can you try and check if selecting option "Allow authenticating respondents to retake authenticated section" work? You can find this option under "Authenticator Options" see below:
https://www.qualtrics.com/support/survey-platform/survey-module/survey-flow/advanced-elements/authenticator/authenticator-overview/#AuthenticatorOptions
https://www.qualtrics.com/support/survey-platform/survey-module/survey-flow/advanced-elements/authenticator/authenticator-overview/#AuthenticatorOptions
Hi @jsmorrison! If you have not yet already, I would recommend reaching out to our Support Team so they can take a closer look into the settings you have applied to your authenticator. In the meantime, be sure to check out the link in Mohammedali's post!
Leave a Reply
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.