Skip to main content

Open ideas have been reviewed by our Product Management and are open for commenting and voting.

4500 Ideas

cyclomedia
Contributor
cyclomediaContributor

Support for Azure Managed Identity (System & User Assigned) in JDBC Connections for FME FlowOpen

Currently, FME Flow supports database connections via JDBC, but authentication typically relies on static credentials such as username and password. In modern cloud environments like Azure, using Managed Identity is a best practice for secure, secretless authentication.This idea proposes adding support for Azure Managed Identity including System Assigned and User Assigned identities for JDBC connections to databases such as Azure SQL Database, Azure Synapse, and other services that support token-based authentication.Why is this important?Eliminate hardcoded credentials: Reduces security risks and simplifies credential management. Cloud-native security: Aligns with Azure best practices and enterprise compliance requirements. Automatic token refresh: Improves reliability and reduces operational overhead. Flexibility: Support for both System Assigned and User Assigned identities allows organizations to choose the right approach for their architecture.How it could work:FME Flow detects it is running in Azure and uses the assigned Managed Identity. When establishing a JDBC connection, FME Flow retrieves an OAuth 2.0 access token from the Azure Instance Metadata Service (IMDS). The token is injected into the JDBC connection string or passed as a driver property (depending on the database/JDBC driver). Configuration options in FME Flow to select: Authentication mode: Managed Identity Identity type: System Assigned or specify a User Assigned identity (via client ID) Use Case Example: An organization runs FME Flow on an Azure VM with a User Assigned Managed Identity that has access to multiple Azure SQL Databases. Instead of storing credentials in FME Flow, the system automatically retrieves tokens for secure, passwordless connections. Security NecessityStoring static credentials in FME Flow or any application introduces significant risks:Credentials can be leaked through logs, backups, or misconfigurations. Manual rotation of passwords is error-prone and often neglected. Compliance frameworks (ISO, SOC, GDPR) increasingly require secretless authentication methods.By leveraging Azure Managed Identity, FME Flow can achieve zero-secret architecture, reducing attack surfaces and aligning with modern security standards.

joellejansen
Contributor
joellejansenContributor

Support for Azure DevOps in FME Flow Version ControlOpen

We would like to request support for Azure DevOps as a remote Git provider in the Version Control functionality of FME Flow. One of our clients recently upgraded from FME Flow 2024.2.1 to FME Flow 2025.1.2. In the previous version, they were successfully using Azure DevOps Git repositories to manage workspace versioning. After the upgrade, they are no longer able to push changes to their remote repository. The UI reports: “There was a problem communicating with the REST API.”And the backend logs show HTTP 500 errors when attempting to push.According to the documentation, only GitHub.com is officially supported. Azure DevOps is not listed, although it previously worked without issue. This limitation significantly impacts their ability to maintain version history and collaborate effectively. Could you please consider:Adding official support for Azure DevOps Git repositories in FME Flow Version Control. Providing documentation or configuration guidance for Azure DevOps integration. Ensuring compatibility with common enterprise Git platforms beyond GitHub.com.This feature would be highly valuable for organizations using Microsoft and would align FME Flow with broader enterprise DevOps practices. Please let us know if this request will be considered for a future release and if so, in which upcoming release. Thank you for your support! Kind regards,Joëlle Jansen-SoepenbergFME Consultant