The Apricot Secure Web Form tool allows Administrators to create a direct URL, or web address, that bypasses the standard login and allows a user to directly access a Tier 1 form for new data entry only. Secure Web Forms allow individuals such as potential volunteers, donors, or service recipients to submit a request for more information or to complete an application directly into Apricot without having to log into Apricot or requiring that an application be manually entered into the database.
Note: Secure Web Forms should only be filled out by Participants using Apricot's supported browsers, Chrome or Firefox. If you would like for Participants to be able to fill out external forms using other browsers, consider using Intake Forms as an alternative.
Enabling Secure Web Forms
Click on "Administrator"
Choose "Workflow Station"
Choose "Apricot Settings"
Find the "A La Carte Features" section and check the box for "Secure Web Forms"
Important Secure Web Form Notes
Secure Web Forms can only be used to create new data
Secure Web Forms can only be used to create new data on a Tier 1 form
Secure Web Forms do not support wizard-style linking
Secure Web Forms are not generally a new form but allow a preexisting Tier 1 to accept submissions from outside of your Apricot
Secure Web Forms can be applied and removed from a Tier 1 form and no data loss will happen
Secure Web Forms will not allow a person to undo their submission
Secure Web Forms will potentially show all Quick View items on a preexisting record in your system if the Duplicate Check Fields find a duplicate already in your system
Note: For the purposes of this article, we are assuming that you have already built a Tier 1 form that you'd like to use as a web form, if not, please do so before following this guide.
Creating a Secure Web Form
Click on the Administrator tab
Click on "External Access"
Choose "Secure Web Forms"
Click "New Secure Web Form"
Designing your New Secure Web Form
Name the Secure Web Form. This name can be anything as it will not affect the actual form name which they see or the form within your system. In this example, our Secure Web Form name is a brief description of what this Secure Web Form will be doing: creating a new Client Profile.
Select the form that you'd like to use as the Secure Web Form. This can be any Tier 1 form within your site. In this example, we are choosing "Client Profile" which is a Tier 1 form that creates our Client Profile records.
Select a user to use as the "login user." This user needs to be assigned to only one program, and that program must have access to the form being used for your Secure Web Form. If you do not have a user that fits this criteria, you should create a dedicated Standard User that fits this criteria.
Next, we will need to choose the Program(s) which should have access to the record(s). The selections here are populated from the programs to which your chosen user is assigned.
Note: Under "Permissions" you should see "This user can: view, search create, edit". In the event that you do not see this, please either click on "Modify User Profile" and adjust the permission set to give the Secure Web Form user View, Search, Create, and Edit permissions for the form or choose a user who has the correct permissions necessary for your Secure Web Form.
Note: Multiple programs can be chosen for the Secure Web Form. In order for a program to display as an option, the "login user" must have at least View and Create permissions for the Secure Web Form within the desired programs. The selected programs will be assigned to the record when created.
Note: If using a Guest User for your Secure Web Form, you must also enable the Tier 1 form as a Guest Form in Apricot Settings under the Workflow Station in the Administrator tab.
Secure Web Form URLs
After we've saved the Secure Web Form, it generates two items:
Basic URL: this is the URL which you can distribute to anyone who you would like to access the Secure Web Form.
Embed URL: this is an iframe, to be used with HTML on your website, so that you can embed the link onto your organization's website (Note: the Ongoing Support team cannot help troubleshoot getting this into your organization's website; we suggest working with your internal IT Team).
Testing the Secure Web Form
We highly advise that you test the Secure Web Form before you begin to distribute the URL. Important: before you test, make sure you log completely out of your own Apricot database (or you may use your browser's version of an incognito mode or in-private browsing feature)! If you don't, you may not be able to access your Secure Web Form again, or your own Apricot temporarily. If this happens, you can enter the URL https://apricot.socialsolutions.com/auth/logout to force a logout.
Applicants/non-users will fill out the record just like anyone else would within your Apricot.
Name (this is a required and a duplicate check field in our example)
Date of Birth (this is a required and a duplicate check field in our example)
Submit - saves the record to your database
When the record is saved they can choose "Close" (which will then log them out of the system and bring them to the login page) or they can "Print" the record before closing it. They only get one chance to choose either option though!
Note: The Secure Web Form URL changes in the address bar. This is expected behavior.
The above screenshot is an example of what happens when someone tries to enter a record that has already been entered into the system. The very important item to note here is the Validation Failed Warning pop up box.
Distributing the URL
Now that the Secure Web Form has been created and tested you may now begin distributing the URL. Please remember a few items regarding the URL:
The Ongoing Support team can only assist with the Basic URL
The Basic URL is best distributed via email, a PDF file, or embedded in a website
The Basic URL cannot be pasted into a word processing program (such as Microsoft Word) and then distributed, as it will no longer function correctly
If you have any additional questions or concerns please contact the Ongoing Support Team.