REST API header token authorization fails on FME Server 2017

Question

On FME Server 2017 Rest API V3, the header token based authentication always fails. I am setting the header based on this documentation: https://docs.safe.com/fme/html/FME_REST/apidoc/v3/index.html

For example:

curl -X GET -H "Content-type: application/json" -H "Accept: application/json"  \
-H "Authorization: fmetoken token=abc123456789"  \
'http://myfmeserver/fmedatastreaming/metering/meterping.fmw?meterid=123456'

receives the following error:

The request has not been applied because it lacks valid authentication credentials for the target resource.

But, using the token in a query param works:

curl -X GET -H "Content-type: application/json" -H "Accept: application/json"  \
'http://myfmeserver/fmedatastreaming/metering/meterping.fmw?meterid=123456&token;=abc123456789'

Also basic auth with an Authorization header works:

curl -X GET -H "Content-type: application/json" -H "Accept: application/json"  \
-H "Authorization:  Basic mybase64digest="  \
'http://myfmeserver/fmedatastreaming/metering/meterping.fmw?meterid=123456'

I checked CORS to make sure it was allowing Authorization headers, is there another configuration I need to check? Any help would be greatly appreciated!

laurawatsafe · Accepted Answer

Hi @danielspence,

It looks like you're hitting a bit of a shortcoming in FME Server when running a job using a URL to one of the services that isn't technically part of the REST API. The authorization header will only work when sending a request to a url that includes http://myfmeserver/fmerest/v3/ at the beginning.

In this case, the call is going directly to the data streaming service instead which doesn't support the the authorization header at this time. You would see the same behaviour when running the job using fmejobsubmitter or fmedatadownload as well. The calls to run a job that do support the authorization header are the ones documented at http://myfmeserver/fmerest under Transformations.

We have a few requests being tracked internally for adding support for this to the data streaming and data download services in FME Server, but it doesn't look like we have any Ideas for this posted yet. Would you be willing to post this to the Ideas page (https://knowledge.safe.com/content/idea/list.html)? The more votes your idea gets, the more likely it will be completed sooner.

danielspence · Answer

Hi @danielspence,

It looks like you're hitting a bit of a shortcoming in FME Server when running a job using a URL to one of the services that isn't technically part of the REST API. The authorization header will only work when sending a request to a url that includes http://myfmeserver/fmerest/v3/ at the beginning.

In this case, the call is going directly to the data streaming service instead which doesn't support the the authorization header at this time. You would see the same behaviour when running the job using fmejobsubmitter or fmedatadownload as well. The calls to run a job that do support the authorization header are the ones documented at http://myfmeserver/fmerest under Transformations.

We have a few requests being tracked internally for adding support for this to the data streaming and data download services in FME Server, but it doesn't look like we have any Ideas for this posted yet. Would you be willing to post this to the Ideas page (https://knowledge.safe.com/content/idea/list.html)? The more votes your idea gets, the more likely it will be completed sooner.

Thank you, for some reason I thought they were covered under the transformations API. I created a new idea here: https://knowledge.safe.com/idea/65109/support-for-adding-authorization-header-token-supp.html

Reply

Community Stats

Reply

Community Stats

Sign up

An FME Account is required to contribute

Login to the community

An FME Account is required to contribute

Scanning file for viruses.

This file cannot be downloaded