Skip to main content
Question

OneDrive connection security in Server App

john.beck
Contributor

I would like to know if I could compromise my microsoft account (hacker accessing my One Drive files and microsoft account) by putting my connection credentials for OneDrive in a script on the FME Cloud that is then accessed via a Server App.

4 replies

J
Forum|alt.badge.img+2

Hi @john.beck​ 

 

Why are you storing Microsoft credentials (I'm assuming username/password) in a script on FME Cloud?

Your credentials would be compromised if someone were able to log into FME Server (Cloud) and navigate to the resources where you've saved them and then copy them.

 

I would recommend using a web connection - that way you're never storing username/password on the FME Cloud machine. Only tokens will be stored, encrypted, in the FME Server database. These tokens are easy to revoke, and will only be given permissions for specific resources/actions.

 

You can read more about that in the Microsoft docs.

john.beck
Contributor
  • john.beckContributor
  • Author
  • Contributor
  • October 5, 2021

Thanks for the answer. I am storing the credentials (in a FME Server web connection) so that script users (via a Server App) can access data on my OneDrive account. The FME Cloud is protected by username/password, so I am not too worried about someone finding the credentials that way.

I am new to FME Cloud and don't understand tokens. Is there some good FME documentation on using tokens?

Thanks for the help.

danminneyatsaf
Safer
Forum|alt.badge.img+12
john.beck wrote:

Thanks for the answer. I am storing the credentials (in a FME Server web connection) so that script users (via a Server App) can access data on my OneDrive account. The FME Cloud is protected by username/password, so I am not too worried about someone finding the credentials that way.

I am new to FME Cloud and don't understand tokens. Is there some good FME documentation on using tokens?

Thanks for the help.

Hi @john.beck​,

You can find documentation for Web Connections here: http://docs.safe.com/fme/html/FME_Desktop_Documentation/FME_Workbench/!NamedConnections/options_web_service_connections.htm

 

As for tokens, you can navigate to the Tokens page by clicking the User Settings icon in the top right in FME Cloud > Manage Tokens. More information can be found here: https://docs.safe.com/fme/html/FME_Server_Documentation/WebUI/Manage-Token.htm

J
Forum|alt.badge.img+2
john.beck wrote:

Thanks for the answer. I am storing the credentials (in a FME Server web connection) so that script users (via a Server App) can access data on my OneDrive account. The FME Cloud is protected by username/password, so I am not too worried about someone finding the credentials that way.

I am new to FME Cloud and don't understand tokens. Is there some good FME documentation on using tokens?

Thanks for the help.

@john.beck​ The tokens I was referring to in my previous answer are oauth tokens - which you can read about here.

 

 

FME Server token documentation is available here.

Reply


Helpful Members This Week

Community Stats

31,319
Posts
118,817
Replies
38,946
Members

Latest FME

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.