Managing Security Tokens

Select the User Settings icon >Manage Token.

Access toFME Flowis controlled through security tokens. Use the Token Management page to work with security tokens in the following ways:

  • API Tokens: For development purposes, you can create and manage tokens that allow unauthenticated access toFME Flow.
  • Session Tokens: Session tokens are created automatically when you log on toFME Flow.
  • All Tokens: Users with ManagepermissioninUser Managementcan view and manage the tokens of all users.

Working with API Tokens

For development purposes, you can create and manage tokens that allow unauthenticated access toFME Flow.

To get started, select theAPI Tokenstab.

  1. ClickNewor, to duplicate an existing token, select it and clickActions>Duplicate.
  2. On the Create (or Duplicating) API Token page, specify a tokenName,Description(optional),Expiration, andEnabledstatus.
  3. To grant the user of the token all permissions of the current user, slide theAll Permissionscontrol to the right. Otherwise, configure the permissions as desired.
    4. Warning  "> WarningTo guarantee the security of theFME Flow, ensure a token's permissions are configured so that it can be usedonlyfor its intended purpose, such as running a particularworkspace.
    • Access: Access theAutomationspage, and list workflows and tags.
    • Create: Create workflows.

      • Individual Automations:

      • Read: View a workflow and its log file.
      • Write: Edit or remove a workflow.
      • Run: Start and stop a workflow.
      • Apps: Run a workflow through anautomation app.
      • Webhooks: Access a URL generated by aWebhooktrigger that requires authentication.
      Note  "> NoteAutomations requires additional permissions. You are prompted to grant any additional permissions that are required.

    Manage: Access and manageBroadcast Messages.

    • Access: Access theDatabase ConnectionsandWeb Connectionspages.
    • Create: Create connections.
    • Manage: Access, create, and remove connections.

      • Individual Connections:

      • Access: Manage web services.
    • Access: Access theJobspage to view the jobs you have run, or cancel any of your jobs that are currently running or in queue.
    • Manage: Access and manage the jobs of all users. You can:
      • Cancel any job that is currently running.
      • Remove the history of jobs that were previously run.
    • Upload: Allow publishing FME packages fromFME FormtoFME Flow.
    • Access: Access theProjectspage.
    • Create: Create projects.

      • Individual Projects:

      • Read: View information about a project.
      • Write: Edit a project.
      • Delete: Delete a project, or delete items from a project.
      Note  "> Note访问或创建权限不需要甲型肝炎e Read/Write/Delete permission on individual projects. These tasks can still be accomplished with theREST API.
    • Access: Access thePublicationspage.
    • Create: Create Notification Service Publications.

      • Individual Publications:

      • Read: View information about a publication.
      • Write: Edit a publication.
      • Remove: Delete a publication.
    • Manage: Access toQueue Control,除了引擎分配规则(也需要马nage permission in Licensing & Engines).
    • Access: Access theWorkspacespage.
      • Note  "> NoteAccess permission is not required torun aworkspace. Only Run permission on the applicable repository is required (see below).
    • Create: Create repositories.

      • Individual Repositories:

      • Download: Downloadworkspaces and other repository items fromFME FlowintoFME Workbench.
      • Read: View repository information.
      • Publish: Publishworkspaces and other items to the repository fromFME Workbench.
      • Run: Run repositoryworkspaces fromFME Flow.
        • Note  "> NoteUsers must also have Allow permission on the applicable service (see Services) when runningworkspaces.
      • Remove: Remove a repository, or remove items from a repository.
      Note  "> NoteYou must uncheck all five permissions to completely remove a role from membership with a repository.
    • Access: Access theResourcespage.
    • Create: Create connections to network resources.

      • Individual Resource connections (top-level folders):

      • Access: Read and download a file.
      • List: List the folders and files of a resource.
      • Write: Write to files.
      • Upload: Upload files.
      • Remove: Delete files.
    • Access: Access theSchedulespage.
    • Create: Create schedules.

      • Individual Schedules:

      • Full Access: Edit or delete a schedule.
    • Manage: Access toSecurityconfigurations.
    • Access: Access theAutomation Appspage.
    • Create: Create new automation apps.

      • Individual Automation Apps:

      • Run: Run an automation app.
      • Read: Access an automation app.
      • Write: Edit or remove an automation app.
    • Access: Access theGallery Appspage.
    • Create: Create new gallery apps.

      • Individual Gallery Apps:

      • Run: Open links in a gallery app.
      • Read: Access a gallery app.
      • Write: Edit or remove a gallery app.
    • Access: Access theWorkspace Appspage.
    • Create: Create newworkspaceapps.

      • IndividualWorkspaceApps:

      • Run: Run aworkspaceapp.
      • Read: Access aworkspaceapp.
      • Write: Edit or remove aworkspaceapp.
    • Manage: Configure theFME Flowservices.

      • Individual Services:

      • Full Access: ManageFME Flowservices.
    • Access: Access theStreamspage.
    • Create: Create streams.

      • Individual Streams:

      • Read: View a stream.
      • Write: Edit or remove a stream.
    • Access: Access theSubscriptionspage.
    • Create: Create Notification Service Subscriptions.

      • Individual Subscriptions:

      • Read: View information about a subscription.
      • Write: Edit a subscription.
      • Remove: Delete a subscription.
    • Access: Access theTopicspage.
    • Create: Create topics.

      • Individual Topics:

      • Read: View information about a topic.
      • Write: Edit a topic.
      • Publish: Publish notifications to a topic.
      • Remove: Delete a topic.
    Note  "> Note Version Controlmust be enabled to view these permissions.
    • Access: Commit versions andview repository history.
    • Manage: Enable version control and configure with a remote Git repository.
  4. ClickOK.
  5. ClickDownloadto save the token. After the token downloads, clickOK.
  1. Click on the token to open it.
  2. On the Editing page, update theDescriptionand/orExpiration, and clickOK.

Select the token and clickActions>Remove,Enable, orDisable.

Alternatively, to enable or disable a token, click on the token. On the Editing page, update theEnabledstatus, and clickOK.

Working with Session Tokens

When you log in to the Web User Interface,FME Flowgrants you a security token to use the Interface for a period of 30 minutes. However,FME Flowautomatically extends this period if you remain logged in for more than 20 minutes and your browser window remains open. To view your token ID and expiration, select theSession Tokenstab.

To remove, disable, or enable an active session token, select it and clickActions>Remove,Disable, orEnable. To remove an expired token, select it and clickRemove.

Note  "> NoteExpired session tokens cannot be enabled or disabled.

Working with All Tokens

Users with ManagepermissioninUser Managementcan view and manage the tokens of all users. To view all user tokens, select theAll Tokenstab. Under Filters, you can limit your view by token owner, type (APIorSession), and status (ActiveorExpired).

To duplicate, remove, disable, or enable a token, select it and clickActions>Duplicate,Remove,Disable, orEnable.

If the token is an API token, you can click on it to view and edit its properties and permissions. For more information, seeWorking with API Tokens, above.