Feature Request – Read-only and Locked Fields for Pre-filled Microsoft Forms

Microsoft Forms has recently introduced support for pre-filled responses, which is a very valuable addition. However, the lack of read-only fields significantly limits its usability in real-world and enterprise application scenarios.

In many workflows, especially those involving bots, kiosks, or guided user interactions, some fields must be pre-populated with system-generated data such as user identity, email, or contextual information. These fields need to remain visible to the user for transparency, but must not be editable in order to guarantee data integrity and prevent tampering.

Currently, there is no reliable way to enforce this behavior. Even when using pre-filled URLs, users can still modify the values before submission. This creates a risk of data inconsistency and makes it difficult to maintain a secure and synchronized interaction between the client and backend systems.

This is not just a UX limitation, but also a data integrity issue in integrated workflows.

As a result, developers are forced to implement server-side validation and ignore user-provided values for critical fields, which defeats the purpose of pre-filling them in the first place.

This forces developers to rely entirely on server-side validation, reducing the effectiveness of pre-filled data and introducing unnecessary complexity.

While Power Apps can address this limitation, it is often too complex and heavy for simple scenarios where Microsoft Forms would otherwise be perfectly adequate.

Suggested improvement:

- Allow form fields to be marked as read-only or locked

- Optionally support hidden or system fields

- Allow pre-filled values to be protected against tampering

- Preserve compatibility with pre-filled URLs

This feature would enable Microsoft Forms to be used in secure, system-driven workflows without requiring migration to more complex platforms.