This service allows users to generate security tokens using a user account name and password.
By default, a token is tied to the client's credentials (username and password) and is valid for a specific period of time. A token can be retrieved manually by logging into FME the Token Service web service in a web browser or programmatically.
Token authentication provides a convenient way for your web applications to invoke FME Server web services and REST API. Instead of embedding pregenerated tokens into an application, your application should request a token from token service dynamically using user name and password via HTTPS. Once the token is obtained, the application can apply it to service requests via HTTP. In this context tokens should have short lifetime to be secure, such as one day.
Token authentication is applicable to the following FME Server web services:
If you would like to tie a token to the requester's IP address, then you need to set the following parameter to true in the web application property files of the Token service and all other services:
SECURE_CLIENT_ADDRESS=true
If this property is set to true, every token generated by the FME Token service will be bound to the requester's IP address. When a token gets validated by web services, the client's IP address will also be checked for validity.
Service URL
https://<host>:<port>/fmetoken/service/generate?<parameters>
The supported parameters are:
| Parameter | Description |
|---|---|
| user | The user ID |
| password | The user password |
| expiration | The token's expiration time |
| timeunit | The unit of expiration time (optional) |
The available values for timeunit are: