Skip to main content
Solved

Use SAML account in FME Flow REST API

fei2000
Contributor
Forum|alt.badge.img+2

I am new to FME Flow. My organization had setup a FME Flow 2024.2 and integrated SAML for user login. 

I am just wondering whether I could use SAML account in FME Flow REST API and how to use it to generate a token for further REST API requests. Furthermore, is the generated token secure enough to prevent accessing other users’ resources, workspaces and data connections.

Thanks in advance,

Henry from TfNSW

Best answer by hkingsbury

For SAML users, I would think that they need to first login to the UI, then generate a token via https://<fmeflowurl>fmeserver/tokens/api.

 

@nielsgerrits ​@david_r Have either of you looked into this before?

View original
Did this help you find an answer to your question?

4 replies

hkingsbury
Celebrity
Forum|alt.badge.img+56
  • hkingsburyCelebrity
  • Celebrity
  • July 21, 2025

Hi Henry

 
The SAML user will be able to use the REST API. 
 
Token creation is based on the role the user has. For example, the user is part of a role that only has access to a repository called 'Transport'. When they go to create a REST API Token, they will only be able to create a token that has access to 'Transport'.
 
You can't control workspace sharing at the workspace level, but you can individually share database and web connections.
 
When a user uploads a Database or Web Connection, it can only be seen by that user, or an Admin, unless specifically shared to another user or role.
fei2000
1 person upvoted this
  • fei2000
    fei2000
fei2000
Contributor
Forum|alt.badge.img+2
  • fei2000Contributor
  • Author
  • Contributor
  • July 22, 2025

Thanks hkingsbury for the clarification of the token security and its use case.

Could you please detail how to create a REST API token by the SAML user? I had tried both REST API V3 and V4 to generate the token, and only the system user account could generate the token via REST API, but failed by the SAML users.

hkingsbury
Celebrity
Forum|alt.badge.img+56
  • hkingsburyCelebrity
  • Celebrity
  • Best Answer
  • July 22, 2025

For SAML users, I would think that they need to first login to the UI, then generate a token via https://<fmeflowurl>fmeserver/tokens/api.

 

@nielsgerrits ​@david_r Have either of you looked into this before?

nielsgerrits
1 person upvoted this
  • nielsgerrits
    nielsgerrits
fei2000
Contributor
Forum|alt.badge.img+2
  • fei2000Contributor
  • Author
  • Contributor
  • July 22, 2025

Thanks hkingsbury, I could login to the FME Flow with SAML account and generate an api token. Then I could use this token in https://[fmeflowserver]/fmerest/v3/[action]?fmetoken= for further REST API actions.

hkingsbury
1 person upvoted this
  • hkingsbury
    hkingsbury

Reply


Helpful Members This Week

Community Stats

31,585
Posts
119,761
Replies
39,233
Members

Latest FME

Terms & ConditionsCookie settingsAccessibility statement

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings
A product of
Safe Software respectfully acknowledges that we live, learn and work on the traditional and unceded territories of the Kwantlen, Katzie, and Semiahmoo First Nations.