Enabling survey authentication

Integrations > Security > Survey Authentication > Authentication Enablement

Survey authentication is a mechanism for verifying respondents when they access surveys. When a user attempts to access a survey, Medallia Experience Cloud verifies the user's account with the user's identity provider (IdP). By using survey authentication:

  • Companies manage and authenticate user access to selected programs in a Experience Cloud instance, making sure confidential surveys cannot be accessed by external audiences.

  • In the case of Anonymous surveys, survey takers are redirected to their own survey post-authentication.

The general steps to implement survey authentication are:

  1. Collect the requisite information necessary to complete the implementation. See Before you begin.

  2. Configure the IdPs that will be available for survey authentication, so that they can be later assigned to specific survey programs. For more information, see Configuring SAML for survey authentication, Configuring OIDC for survey authentication, and Configuring Medallia as IdP for survey authentication.

  3. Enable authentication for a survey program. For more information, see Enabling authentication for a survey.

  4. Configure the verification mechanism on the instance based on the above information. For more information, see Configuring IdPs for the survey .

Before you begin

Before enabling authentication for a survey, obtain the survey program UUID:

  1. On the Surveys screen, select the desired survey.

  2. Click Edit at the bottom of the details pane

  3. Find the UUID in the URL on the navigation bar, right after /surveys/. For example:

    • URLhttps://company.medallia.com/company/admin/surveys/d5718776-0ebb-4741-ab54-f93a19b393ca/editor/draft

    • UUIDd5718776-0ebb-4741-ab54-f93a19b393ca

Enabling authentication for a survey

Survey authentication supports two different authentication levels:

  • None — No authentication is required to access the survey.

  • Required — Authentication is mandatory to access the survey.

To configure required-level authentication for the survey:

  1. On the Authentication Enablement screen, enter the survey UUID.

    Experience Cloud shows the survey name.

  2. Select Enable authentication.

    Selecting the checkbox sets the authentication level as "Required", which means authentication will be mandatory every time a user wants to access that survey program. The survey taker is authenticated from the first page of the survey.

  3. Click Save.

    Experience Cloud creates a new survey version from the selected survey with authentication enabled.

  4. Create a new survey version to reflect the changes. For more information, see Create and manage survey versions.

At this point, users cannot log into the survey because you still need to configure the verification mechanism on the instance. Complete the steps in the next section so that users can access the survey.

Configuring IdPs for the survey

After configuring basic authentication, associate one or more IdPs with the survey program to complete the setup.

To associate the IdPs with the program:

  1. On the Identity Provider Settings section, shuttle available IdPs on the left into the box to the right to link them to this survey.

    Screen capture showing the Identity Providers Setting section

    For each linked IdP, Experience Cloud shows a new section below, where the attribute mappings can be set.

  2. Complete the mapping setup for the selected IdP:

    1. The user identifier mapping is required for personalized surveys: it identifies which survey record applies to a given IdP user. To set this mapping:

      1. Enter a value for User Identifier Attribute.

      2. Enter a value for User Identifier Field.

        Restriction: This field must be an Event field with an Indexed Data type and must already exist in the program.

      3. Click Save.

    2. To add an additional mapping:

      1. Enter a value for IDP Attribute.

      2. Enter a value for Survey Field.

        Restriction: This field must be an Event field must already exist in the program.

      3. Click Add mapping.

      4. Repeat this action as many times as needed.

Warning: When an IdP is removed from the shuttle list, its IDP reference (mappings) in the survey is removed.

To prevent users with an IdP account from accessing other users' anonymous ballots, enter the same values used for the user identifier mapping as additional mapping. Otherwise, the original user's identifier attribute value will not be propagated to the ballot. For example, if Email was set for User Identifier Attribute and e_email for User Identifier Field, add a new mapping with Email as the value of IDP Attribute and e_email as the value of Survey Field, as shown in the following image:

Screen capture showing a mapping example using the same values for both user ID mappings and additional mapping

Personalized survey invitation

Restriction: This feature is inactive by default. Ask your Medallia expert to file a Feature activation request with Medallia Support.

For personalized invitations, a single survey link can be distributed to users with a personalized invitation link, so that they can use it to access their own survey instead of using their own personalized link. You can forward a personalized invitation email to another valid survey taker, who is redirected to their own survey.

This greatly eases distribution and access to surveys that require authentication, and allows surveys to use data from Event fields in an anonymous-style scenario. For information, see Event fields.

Restriction: To use this feature, you must enable authentication for a survey . Additionally, a personalized distribution must have already taken place.

Survey authentication diagram showing flow for personalized and anonymous surveys