Anonymous Form Users

Good to Know

• For more information about configuring the anonymous form, refer to:
  • (Example) Use Anonymous Authentication in a Process-Based App
  • (Example) Use Anonymous Authentication in a Form-Based App
• To enforce strict security, AgilePoint highly recommends you use anonymous forms for data entry only, and avoid using lookups that connect to your backend systems.

  However, the decision whether to use lookups in anonymous forms is based on your business requirements. If your requires you to use a lookup to backend system, make that design choice as necessary.

• An app designer who configures an eForm to use anonymous authentication (used with anonymous forms) must have a role with the Allow Enabling Anonymous Access access right.

  The Allow Enabling Anonymous Access access right lets the application designer create an anonymous form in App Builder at design time. It does not control the security for the anonymous form or the anonymous form user at runtime. The user credentials used for the anonymous authentication access token do not require this access right.

• As a security best practice, in your access token for anonymous forms, AgilePoint recommends using a user with minimum access rights. This is a user with the Users role with the default access rights.
• Optionally, in AgilePoint NX OnPremises and AgilePoint NX PrivateCloud, anonymous forms can use the AgilePoint Service Account for authentication if you select User System Account when you configure an access token for anonymous forms. However, this practice carries security risks. It is not recommended unless you have a specific business requirement for Service Account access, and the security risks are mitigated.

  If you use the AgilePoint Service Account, the credentials are not stored in the database.

• If you have questions about the security impacts or best practices for anonymous forms, contact AgilePoint Professional Services.

Anonymous Form User Permission