Is it possible to run workspaces in FME Server as different user accounts i.e. service accounts?
I am aware of running FME Services Engine as a different account. The issue there is that over time you will have to grant this account access to a lot of different resources and this would not be good cyber-security practice.
In principle I don't think this is possible. But I'm guessing you could make different engine installations on separate servers that all connect to the same Core instance, and those engine installations could potentially run under different service accounts. You could then use server queues to redirect specific jobs to specific engines running with different service accounts.
+11
Workspaces in FME Server are run under the service account that the Windows service is run as (assuming you're on Windows). There is some information about how to run the services using different accounts here:
As @david_r has suggested, you could install multiple Engines on different machines and run each under a different account, then use the FME Server Job Queues to route jobs to different Engines.
Unfortunately, because it's the Windows service account that is used for running the jobs, there is no way to dynamically change this at run time.
The above is all related to the actual service account that FME Server services are running under. If, instead, you just need to run a job using a specific FME Server user account, you can do that with the FMEServerJobSubmitter transformer called from a controller workspace, as described in this post:
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
