• All Files

Managing Security Tokens

Select the User Settings icon > Manage Token.

Access to FME Server is controlled through security tokens. Use the Token Management page to work with security tokens in the following ways:

  • API Tokens: For development purposes, you can create and manage tokens that allow unauthenticated access to FME Server.
  • Session Tokens: Session tokens are created automatically when you log on to FME Server.
  • All Tokens: Users with Manage permission in Security can view and manage the tokens of all users.

Working with API Tokens

For development purposes, you can create and manage tokens that allow unauthenticated access to FME Server.

To get started, select the API Tokens tab.

ClosedTo Create an API Token
  1. Click New or, to duplicate an existing token, select it and click Actions > Duplicate.
  2. On the Create (or Duplicating) API Token page, specify a token Name, Description (optional), Expiration, and Enabled status.
  3. To grant the user of the token all permissions of the current user, slide the All Permissions control to the right. Otherwise, configure the permissions as desired.

    4. WARNING: To guarantee the security of the FME Server, ensure a token's permissions are configured so that it can be used only for its intended purpose, such as running a particular workspace.

    ClosedAbout permissions in FME Server
    ClosedRun Workspace
    ClosedJobs
    • Access: Access the Jobs page to view the jobs you have run, or cancel any of your jobs that are currently running or in queue.
    • Manage: Access and manage the jobs of all users. You can:
      • Cancel any job that is currently running.
      • Remove the history of jobs that were previously run.
      • Manage Job Queues. (Also requires Manage permission in Engines & Licensing.)
    ClosedAutomations
    • Access: Access the Automations page.
    • Create: Create workflows.

      • Individual Automations:

      • Read: View a workflow and its log file.
      • Write: Edit a workflow.
      • Run: Start and stop a workflow.

      Note: Automations requires additional permissions. You are prompted to grant any additional permissions that are required.

    ClosedSchedules
    • Access: Access the Schedules page.
    • Create: Create schedules.

      • Individual Schedules:

      • Full Access: Edit or delete a schedule.
    ClosedRepositories
    • Access: Access the Repositories page.

      • Note: Access permission is not required to run a workspace. Only Run permission on the applicable repository is required (see below).

    • Create: Create repositories.

      • Individual Repositories:

      • Download: Download workspaces and other repository items from FME Server into Workbench.
      • Read: View repository information.
      • Publish: Publish workspaces and other items to the repository from Workbench.
      • Run: Run repository workspaces from FME Server.

        • Note: Users must also have Allow permission on the applicable service (see Services) when running workspaces.

      • Remove: Remove a repository, or remove items from a repository.

      Note: You must uncheck all five permissions to completely remove a role from membership with a repository.

    ClosedVersion Control

    Note: Version Control must be enabled to view these permissions.

    • Access: Commit versions and view repository history.
    • Manage: Enable version control and configure with a remote Git repository.
    ClosedWorkspace Viewer
    ClosedServer Apps
    • Access: Access the Server Apps page.
    • Create: Create new FME Server apps.

      • Individual Server Apps:

      • Read: Access an FME Server app.
      • Write: Edit or Remove an FME Server app.
    ClosedPublications
    • Access: Access the Publications page.
    • Create: Create Notification Service Publications.

      • Individual Publications:

      • Read: View information about a publication.
      • Write: Edit a publication.
      • Remove: Delete a publication.
    ClosedSubscriptions
    • Access: Access the Subscriptions page.
    • Create: Create Notification Service Subscriptions.

      • Individual Subscriptions:

      • Read: View information about a subscription.
      • Write: Edit a subscription.
      • Remove: Delete a subscription.
    ClosedTopics
    • Access: Access the Topics page.
    • Create: Create topics.

      • Individual Topics:

      • Read: View information about a topic.
      • Write: Edit a topic.
      • Publish: Publish notifications to a topic.
      • Remove: Delete a topic.
    ClosedResources
    • Access: Access the Resources page.
    • Create: Create connections to network resources.

      • Individual Resource connections (top-level folders):

      • Access: Read and download a file.
      • List: List the folders and files of a resource.
      • Write: Write to files.
      • Upload: Upload files.
      • Remove: Delete files.
    ClosedConnections
    • Access: Access the Database Connections and Web Connections pages.
    • Create: Create connections.
    • Manage: Access, create, and remove connections.

      • Individual Connections:

      • Access: Manage web services.
    ClosedProjects
    • Access: Access the Projects page.
    • Create: Create projects.

      • Individual Projects:

      • Read: View information about a project.
      • Write: Edit a project.
      • Delete: Delete a project, or delete items from a project.

      Note: Access or Create permission is not required to have Read/Write/Delete permission on individual projects. These tasks can still be accomplished with the REST API.

    ClosedDashboards
    ClosedEngines & Licensing
    ClosedSecurity
    ClosedSystem Cleanup
    ClosedMetrics
    ClosedServices
    • Manage: Configure the FME Server services.

      • Individual Services:

      • Full Access: Manage FME Server services.
    ClosedSystem Events
    ClosedPackages
    • Upload: Allow publishing FME packages from FME Desktop to FME  Server.
  4. Click OK.
  5. Click Download to save the token. After the token downloads, click OK.
ClosedTo Update an API Token's Expiration or Description
  1. Click on the token to open it.
  2. On the Editing page, update the Description and/or Expiration, and click OK.
ClosedTo Remove, Enable, or Disable an API Token

Select the token and click Actions > Remove, Enable, or Disable.

Alternatively, to enable or disable a token, click on the token. On the Editing page, update the Enabled status, and click OK.

Working with Session Tokens

When you log in to the Web User Interface, FME Server grants you a security token to use the Interface for a period of 30 minutes. However, FME Server automatically extends this period if you remain logged in for more than 25 minutes. To view your token ID and expiration, select the Session Tokens tab.

To remove, disable, or enable a session token, select it and click Actions > Remove, Disable, or Enable.

Working with All Tokens

Users with Manage permission in Security can view and manage the tokens of all users. To view all user tokens, select the All Tokens tab. Under Filters, you can limit your view by token owner, type (API or Session), and status (Active or Expired).

To duplicate, remove, disable, or enable a token, select it and click Actions > Duplicate, Remove, Disable, or Enable.

If the token is an API token, you can click on it to view and edit its properties and permissions. For more information, see Working with API Tokens, above.