Hallo.
i am trying to create connection between FME desktop and azure ad
i have client id an client secret and tennant id
but I am not sure ,what is [OAUTH Scope] ?
Where should I get it from ?
i have written
https://Storage.azure.com instead of Oauth scope because it is the resource.
then i clicked test but It shows me a window to log in with Microsoft online .
could someone advice me ,what should I do ?
thanks is in advance
fme 2021
Hi @soly, have you tried entering a non-admin Azure AD user credentials? Check out this article from Microsoft about the offline_access scope: https://learn.microsoft.com/en-us/azure/active-directory/develop/scopes-oidc#offline_access
Hi @soly, have you tried entering a non-admin Azure AD user credentials? Check out this article from Microsoft about the offline_access scope: https://learn.microsoft.com/en-us/azure/active-directory/develop/scopes-oidc#offline_access
thanks for reply ,
we have tried using https://storage.azure.com/.default
but it does not work .
we are looking for a method that work with out entering the user credentials ( user name and password )
is there a method to let it work with default scope ?
please ,explain the steps if you have new idea
i have read some articles about the connection but IT Security does not want to use User.Read ,offline access Bcs it requires user credentials ,what they said .
so I am looking for a method without user credentials .thanks a lot .
thanks for reply ,
we have tried using https://storage.azure.com/.default
but it does not work .
we are looking for a method that work with out entering the user credentials ( user name and password )
is there a method to let it work with default scope ?
please ,explain the steps if you have new idea
i have read some articles about the connection but IT Security does not want to use User.Read ,offline access Bcs it requires user credentials ,what they said .
so I am looking for a method without user credentials .thanks a lot .
@nampreetatsafe Do u have solution for me to create the connection by using default scope ?
https://learn.microsoft.com/en-us/entra/identity-platform/v2-oauth2-client-creds-grant-flow
Generally, this client credentials flow with MS Entra can be configured in FME for those requests which make use of the Graph API. It gets a bit more tricky when other MS APIs are involved, as there may or may not be API permissions available which support client credentials flow with those other MS APIs.
If you could provide some more details on your workflow in FME (i.e. what resource are you trying to access? What formats / transformers are you using in your FME workflow to try and access these resources?), we might be able to make some suggestions on how to get this client credentials flow going for you.
Even better if you could post a copy of your workspace (with sensitive info redacted, of course!). If you feel that a more detailed conversation is needed here, please don’t hesitate to file a support ticket with the Safe Support Team.