Overview
Public Forms provide a lightweight, low-friction solution that allows you to collect information from unauthenticated users, i.e. members of the public. Generally, Public Forms are for data entry and do NOT support retrieval and/or editing of existing Records.
This article provides an overview of the security features put in place for Public Forms. To learn more about implementing Public Forms, refer to Public Forms Best Practices.
IP Ranges
Public Forms respect the IP ranges configured in the general tenant settings.
reCAPTCHA v3
Low-friction reCAPTCHA technology powered by Google to mitigate automated form submission.
Admin only Configuration
The 'out-of-box' default security settings prevent non-administrators from creating Public Forms; this can be configured.
File Upload Restrictions
Only common image file types (e.g. png, jpg, etc.) are permitted for upload, with the maximum file size restricted to 20 MB and built-in rate limiting. Image files that are not associated with a specific record are cleaned up automatically.
Silent Failure
Operations which fail in a way that potentially 'leaks' information are designed to fail silently.
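The following added example (not the product's own code) sketches how an upload check can combine the file restrictions above with silent failure: the content is matched against image signatures rather than trusting the file name, and every rejection returns the same public response while the specific reason is kept for internal logging. The 20 MB cap comes from this article; the signature table, function names and response text are assumptions made for illustration.

```python
from typing import Optional, Tuple

MAX_UPLOAD_BYTES = 20 * 1024 * 1024  # 20 MB cap stated in this article

# Assumed allowlist: leading byte signatures of common image formats.
IMAGE_SIGNATURES = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}
EXTENSION_ALIASES = {"jpeg": "jpg"}

# One response for every failure, so the caller cannot tell which check failed.
GENERIC_REJECTION = {"ok": False, "message": "Upload could not be processed."}


def sniff_image_type(data: bytes) -> Optional[str]:
    """Return the image type implied by the leading bytes, or None."""
    for kind, signatures in IMAGE_SIGNATURES.items():
        if any(data.startswith(sig) for sig in signatures):
            return kind
    return None


def check_upload(filename: str, data: bytes) -> Tuple[dict, str]:
    """Return (public_response, internal_reason) for one uploaded file."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    ext = EXTENSION_ALIASES.get(ext, ext)
    if len(data) > MAX_UPLOAD_BYTES:
        reason = "too_large"
    elif ext not in IMAGE_SIGNATURES:
        reason = "extension_not_allowed"
    elif sniff_image_type(data) != ext:
        # The name claims an image type the content does not match.
        reason = "content_mismatch"
    else:
        return {"ok": True, "message": "Upload accepted."}, "accepted"
    # The reason goes to the server-side log only, never to the browser.
    return dict(GENERIC_REJECTION), reason


if __name__ == "__main__":
    constructed_png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16  # constructed sample
    print(check_upload("photo.png", constructed_png))
    print(check_upload("photo.png", b"<html>not an image</html>"))
```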
Secure, Rate Limited API Endpoints
Public Forms use dedicated API endpoints and server-side filtering to minimise the amount of information reaching the browser. Rate limits are hard-coded to mitigate abuse.
Per Form Enable / Disable
Each Public Form can be enabled or disabled individually.
Logging
Configuration Change
Configuration changes made to Public Forms are logged.
Security Logging
A security log record is created each time a user accesses a Public Form.
Event Logging
Event logging can be configured for Public Forms.
Input Sanitisation
Input fields are sanitised to remove potentially malicious string sequences.
Lookup Restrictions
To reduce the risk of accidental data exposure, Public Forms 'picker reports' for lookups are restricted to displaying a single 'text' field and search; the analyser is removed.
Workflow Restrictions
Workflows that are triggered by a record creation event are required to 'run as owner'.
Documented Best Practices
In addition to the built-in security precautions outlined above, we strongly recommend adopting the additional identified best practices for Public Forms. These provide a strategy for isolating 'dirty' data (unverified, submitted by unauthenticated users) from 'clean' data (generated by trusted, authenticated users).