Token Service
This service allows users to generate security tokens using a user account name and password.
By default, a token is tied to the client's credentials (username and password) and is valid for a specific period of time. A token can be retrieved manually by logging into FME the Token Service web service in a web browser or programmatically.
Token authentication provides a convenient way for your web applications to invoke FME Server web services, including the REST API. Instead of embedding pregenerated tokens into an application, your application should request a token from token service dynamically using user name and password via HTTPS. Once the token is obtained, the application can apply it to service requests via HTTP. In this context tokens should have short lifetime to be secure, such as one day.
Token authentication is applicable to the following FME Server web services:
- Data Download Service
- Job Submitter Service
- Data Streaming Service
- KML Network Link Service
- REST Service
Token Expiration Time
The maximum life of any token generated is two years. This means if you were to generate a token with a three-year expiration time, it would still be limited to 2 years. You may wish to shorten the maximum length of the token expiration for higher security in your application. To modify this setting, update the MAX_EXPIRATION parameter in the configuration file (propertiesFile.properties) found in the fmetoken webservice folder (<FMEServerDir>/Utilities/tomcat/webapps/fmetoken/WEB-INF/conf). For more information, see Web Application Properties.
Service URL
To return a token as plain text:
http://<host>:<port>/fmetoken/generate?<parameters>
To return a token in JSON:
http://<host>:<port>/fmetoken/generate.json?<parameters>
The supported parameters are:
Parameter | Description |
---|---|
user |
The user ID |
password |
The user password |
expiration |
The token's expiration time |
timeunit |
The unit of expiration time (optional), expressed as |
update |
When |
The following example generates a new token in JSON for user "admin" that expires in three days.
http://myhost:80/fmetoken/generate.json?user=admin&password=admin&expiration=3&timeunit=day&update=true
See Also