We use Azure Entra ID to log in FME Flow.
The only user that uses the username/password option, is the admin-user.
My idea:
- move the option for the admin-user to login to a different url.
- add the option to make this “admin url” only available from a local network (or add some other security to limit access to this url). This way external users can never log in as the admin user.
- add the possibility to remove the “username/password” login from the login-page. When a user is already logged in via the browser with the users Azure Entra ID, this will cause the user to automatically login to FME Flow.
Benefits:
- more secure
- users don't have two login options which is confusing for my users. They tend to use the username/password-option (which does not work for them), while they only have to click the “Sign in with Microsoft”-button
- Better user experience: automatically logged in, without having to click an extra button.