Skip to main content
  • EN

We have a use case where we need to implement a webhook using FME. This will be called by a partner application.

This webhook has a predefined URI (in partner application side) like:

https://fmeserver/repo/worskapce1.fmw?attr=?attr2=?

Names of parameters cannot be changed and partner application is not willing to update the webhook to pass security token in the header.

 

We are planning to do security by only whitelisting the ip addresses of the partner application.

 

In this case, how we do call the FME workspace? Everytime I try to call my workspace, it returns an following error

"401-Unauthorized. The request has not been applied because it lacks valid authentication credentials for the Target resource"

 

  1. Is there no way to call FME workspaces without passing tokens in the header of the call?
  2. Is there a way to change the name of the token attribute in the header to something else? I can repurpose attr2 for this and provide a static token to the application.

Hi @sseth2011​ ,

Authentication for Web Services can be parsed in two ways:

  1. In the URL as part of the Query String using the key 'token'
  2. As an Authorization header

Documentation: https://docs.safe.com/fme/html/FME_Server_Documentation/ReferenceManual/authentication.htm

 

These are the only ways to input a token, please could you expand on why these are not satisfactory for your application and what exactly the alternative solution you are looking for would be?

Hi @sseth2011​ ,

Authentication for Web Services can be parsed in two ways:

  1. In the URL as part of the Query String using the key 'token'
  2. As an Authorization header

Documentation: https://docs.safe.com/fme/html/FME_Server_Documentation/ReferenceManual/authentication.htm

 

These are the only ways to input a token, please could you expand on why these are not satisfactory for your application and what exactly the alternative solution you are looking for would be?

Unfortunately the application which will call this web service is very rigid in terms of what can be changed. They don’t have a way to pass token in header or send it as part of query string. They do have a few predefined attributes which can be passed in query string but the names Of these attributes can’t be changed to “token “. Is there a way in fme so that we can make or expect the token in an attribute that is named something other than “token”?

you could setup a 'proxy' workbench that allows annonymous access. Then pass through the required information (including the token) to the 'proxy' in a format that the applciation allows. Then configure the proxy workbench to transform the incoming parameters into the correct format and then call the secured workbench from the proxy workbench

Reply


Community Stats

30,159
Posts
114,479
Replies
37,802
Members
Terms & ConditionsCookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.