Form 2.0 prefill when embedding

Form 2.0 prefill when embedding

When embedding a form 2.0 on a web page, form prefill currently does not work. Let's make oit work 🙂
37 Comments
Anonymous
Not applicable
I agree - this will be very useful for those of us trying to avoid iframe embeds of landing pages for simple forms.

Technically it is possible to make our own prefill code using the Marketo SOAP api... but it's a lot of work to implement.
Anonymous
Not applicable
Going back to Forms 1.0. is not a solution, since we are giving up on other 2.0 features.  This should be a high priority.
Anonymous
Not applicable
Agreed! Since it works on landing pages, how difficult a fix is this?
Anonymous
Not applicable
Not sure that the security concern cited by Marketo support as the reason this doesn't work, is valid...This should absolutely be a core, supported feature. 
Anonymous
Not applicable
This is a very necessary feature!
Anonymous
Not applicable
Completely agreed. Auto population is not a security concern when you're implementing on your own site - which I believe most would do. And the ability to turn it off can always be an option built into the form. Quite frankly I think it was incredibly short sighted to release PP in forms 2.0 and not prefill without surveying users/customers first - this is clearly a must have feature that I think was a no-brainer missed opportunity when 2.0 was being developed.
Adam_Vavrek1
Level 9 - Champion Alumni
If I could "Like" this Idea a million times, I would!
Mike_Reynolds2
Level 10

Prefill on forms embedded on an external site is not allowed generally as a security measure. You can get around it, and the developer's blog article here shows how to manually do this: http://developers.marketo.com/blog/external-page-prefill/ I can't speak for the Product team, but I doubt this functionality will be enabled by default. Progressive profiling will work, but prefill will not unless you manually enable it with the steps in that blog article

SanfordWhiteman
Level 10 - Community Moderator

But the technique in that blog post creates a DoS vulnerability for your Marketo instance.  A company with an understanding of risk -- if not security per se -- should reject that option out of hand. You'd be ignoring the security concern and allowing malicious users to break your other integrations.

There is a method of doing this securely and scalably, with opt-in from both sides (consumer/3rd-party website and producer/Marketo customer). I've haven't officially published it (though I've worked with it at some clients) but the more I see the API method mentioned the more I worry about what people are getting themselves into.

Mike_Reynolds2
Level 10

You make an excellent point about the security concerns. These are the same security concerns I was referring to in my earlier comment about why the Product team hasn't made this functionality available by default. It can be done. But it's a trade off and takes custom code. If you have another option you're developing that eliminates the security issue, I would love to hear it! I'm sure that a lot of folks would be happy to have another option.