How to: Configure SmartForms to automatically pass through credentials in IE instead of prompting
kbt147443
PRODUCTObjective
In order to improve a user's experience it might be requested that SmartForms automatically log the user into the application, instead of prompting them for credentials. Our goal is to have the user be able to avoid the login prompt. This login and supplying of credentials is required as K2 SmartForms makes use of claims to authenticate the user. We just want the login process to be as simplified as possible. This login process will also only happen if the user does not have a token created for them, usually once per 8 hours which is the default for this token to expire.
The credential prompt will look like the following on IE:
In Chrome users will see the following for the credential prompt:
Before You Begin
- Note that this will only work if we are using NTLM (Windows) authentication. If SmartForms is configured to log the user in via forms, or an alternative 3rd party IdP, then this is not guaranteed to work as the Windows credentials passed might not be valid.
- If you would like to apply this across certain user bases it would be best to configure this through Group Policy within your organization. Below are a few threads that could assist you in doing so:
https://community.spiceworks.com/topic/1951380-adding-trusted-sites-using-gpo
https://deployhappiness.com/managing-internet-explorer-trusted-sites-with-group-policy/
We should add the K2 SmartForms site as a trusted site and ensure that the logon is set to Automatic logon with current user name and password via Group policy.
How-to Steps
1. Open up IE and go to Internet Options > Security > Trusted Sites. Click on the Sites button and add the K2 SmartForms site here.
2. On the same tab while selecting Trusted Sites, click on the "Custom level..." button. Scroll to the very bottom on the settings and search for the section User Authentication > Logon. Select the radio button for Automatic logon with current user name and password.
3. Click OK to save this and OK on the Internet options page to complete the saving on this settings change.
4. Clear your browser cache (This deletes the existing token and will have the user go through the login process again).
5. Access the SmartForms site, notice we will see it hit the /identity/ site in our navigation, but the user will not get prompted for credentials. The SmartForms site will load now without having the user supply credentials.