+24Have anyone managed to correctly set up FME Desktop (not FME Server - this is OK) to use Azure AD when logging in to an FME Server with Azure AD?
I have changed the template and the TENANT_ID and OAUTH_SCOPE and set the redirect url to http://localhost . However I get an error. Not sure where to go from here
The scope set is: scope=openid+profile+offline_access
Best answer by sigtill
With help from Safe software we found the error. https://localhost was added to the Web section and not the Mobile and desktop applications when configuring the service in the Azure portal!
Adding settings for FME Server is in the Web section, but the FME Desktop needs to be in the Mobile and Desktop section.
+10Hi @Sigbjørn Herstad ,
We have an article outlining the steps required for Creating an FME Server Azure Active Directory connection. If the Azure Active Directory login works for a user on FME Server then I might take things one step at a time, and confirm the Web Service, and then the Azure Web Connection, and finally the FME Server Azure Web Connection. If you have any thoughts on the article please let us know with some comments.
+24With help from Safe software we found the error. https://localhost was added to the Web section and not the Mobile and desktop applications when configuring the service in the Azure portal!
Adding settings for FME Server is in the Web section, but the FME Desktop needs to be in the Mobile and Desktop section.
+24Hi @Sigbjørn Herstad ,
We have an article outlining the steps required for Creating an FME Server Azure Active Directory connection. If the Azure Active Directory login works for a user on FME Server then I might take things one step at a time, and confirm the Web Service, and then the Azure Web Connection, and finally the FME Server Azure Web Connection. If you have any thoughts on the article please let us know with some comments.
The mentioned article is not up to date for FME:23 -
In Part 1: Create a Registered App - 1cii - URI: https://localhost (FME Desktop needs to keep the redirect local) - this is not a valid URI anymore when creating a new app registration. On the old already created app registrations it works. It might be that there is a new limitation on this now?
+5Hello @Sigbjørn Herstad ,
I tested with FME Flow 2023.0 Build 23283 and it worked well with the URI: https://localhost for the Azure app for FME Form 2023.0.0.0 Build 23249. Was the app granted admin consent? What error do you see with the new app?
+4Hello @Sigbjørn Herstad ,
I tested with FME Flow 2023.0 Build 23283 and it worked well with the URI: https://localhost for the Azure app for FME Form 2023.0.0.0 Build 23249. Was the app granted admin consent? What error do you see with the new app?
If you create the default URI and then add the https://localhost it works nicely!
+3In order to make this process a little more user friendly, perhaps in future versions of FME we can have the interface give the option to use the Authenticator=externalbrowser for the jdbc connection. I will submit an enhancement request.
+10In order to make this process a little more user friendly, perhaps in future versions of FME we can have the interface give the option to use the Authenticator=externalbrowser for the jdbc connection. I will submit an enhancement request.
Thanks @ericchez! We appreciate you submitting an enhancement request. The more details and reasoning we have for making the change, the easier it is for us to do.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
