Users in my organization use SSO through SAML in Microsoft Entra to log into our FME Flow server. Disabling the fmeserver.saml.authentication.force setting (as documented under the FME Flow Settings section of SAML Configuration) allows login to be a single click experience on our FME Flow server. This setting allows the web browser to provide the login credential for the user’s Windows session on their computer to authenticate through the SAML connection.
There should be a similar configuration option (or default configuration change) in FME Workbench in FME Form to allow us to let users have a single click login experience when they connect FME Workbench to our FME Flow server. I suspect that FME Workbench uses the WebView2 control to present a browser window to follow the authentication process when the user connects to FME Flow from FME Workbench through a SAML connection. Microsoft has documented a setting that can be enabled on the WebView2 control to allow passthrough of the Windows account credentials when authenticating through SAML called AllowSingleSignOnUsingOSPrimaryAccount (as documented at CoreWebView2EnvironmentOptions.AllowSingleSignOnUsingOSPrimaryAccount Property (Microsoft.Web.WebView2.Core) | Microsoft Learn).
With our recent upgrade to FME Form/Flow 2025.1, we want to be able to share our web connections hosted on our FME Flow instance to all users of FME Form. This would be simplified if the SAML login process in FME Flow were a single click (because FME Form is forcing reauthenticating the SAML connection to FME Flow every time we open FME Form).
Please allow us to configure (or change the default configuration for) FME Workbench to allow authentication through a SAML connection to our FME Flow server to be a single click experience like how we have FME Flow configured.