Integrated Windows Authentication (IWA), also known as "single sign-on," allows Windows domain users to integrate their Windows login credentials with FME Server. When single sign-on is enabled:
- There is no need to log in to the FME Server Web User Interface. You are already logged in through Windows.
- Similarly, there is no need to log in to FME Server when using FME Workbench to publish a workspace. Instead, simply check 'Use Windows session credentials' in the Publish to FME Server wizard.
Note: When publishing a workspace to the Notification Service, you must still provide your FME Server credentials in the HTTP Authentication fields of the Edit Service Properties dialog of the wizard.
Note: Single sign-on is currently supported on Internet Explorer, Firefox and Chrome.
To enable single sign-on:
- Identify a service account.
- Update the Windows domain configuration to allow FME Server to authenticate using single sign-on.
- Update the FME Server configuration to enable single sign-on.
- Update the web browser configuration to use single sign-on.
- Verify the configuration. Log in to the FME Server Web User Interface under an IWA-configured user account, and perform the relevant checks here, depending on the permissions available to that account's role.