Hi - I’m working on a form for a project, and I’m running into an issue with encryption. Whenever I add encryption settings to a form, and add another user to the form (e.g., a data collector user), I’m unable to submit the finalized form. I get the following error (see screenshot). However, strangely, for the owner of the account this issue doesn’t appear, and I’m able to submit the form without any issue.
I have tried:
- Creating a new, one-quesion form, to make sure it wasn’t bugs in the code leading to the issue
- Ensuring encryption was set after adding new users
- Changing the public-private key pair
It would be helpful to get someone prompt help with this, since we want to start data collection soon, and this bug is stopping us from setting up encryption and adding data collector accounts before deploying to the field.
Did you happen set an explicit submission_url in the form settings?
And I see you are trying it above under an Android emulator, running on a Mac or PC, correct? So have you also tried it on actual Android device and do you see the same thing (I’m trying to reduce the variables here…)
FWIW dont bother - I just tried it myself on a physical Android device and seeing the same: encrypted form submits fine, as owner, but get same the 404 error if I try to submit from a different account to which the form was shared.
Investigating…
BTW, I have confirmed that anonymous encrypted submissions do appear to work OK, both from KoboCollect and Enketo.
Obviously, permitting anonymous submissions - against a form that is supposed to be encrypted - is not ideal… But if you are in a hurry and must urgently deploy this to multiple data collectors, and submissions must be encrypted, then this may be an option whilst this issue is being resolved. Provided you dont share the username of the form owner, then it is highly unlikely anybody unauthorized is going to be able to guess it, and thereby be able to surreptitiously submit to your form.
Perhaps a slightly better interim solution: it appears that sharing an encrypted form, but one that does not permit anonymous submissions, that you can still successfully submit to it from the shared account - after authenticating, obviously - but only with Enketo, via a URL link. Whereas trying to submit the same from KoboCollect will reliably give you the 404 error.
Again, not ideal if you intended to deploy your encrypted form and have it filled in using KoboCollect. But perhaps this will accommodate your encrypted form shared only with identified data collectors requirement in the interim?
Still investigating.
Thanks so much! Really appreciate your help looking into this. These alternative approaches – particularly using Enketo with a URL link – should work for now. Please let us know if you manage to figure out how we can use user accounts on a tablet with an encrypted form. Data collection should be going on for a few weeks, so we could push a change later, if we’re able to use user accounts again.
