Exercise | Create a new token |
Data | None |
Overall Goal | To teach users how to create a new token and set the permissions for the token. |
Demonstrates | How to create a new token |
This exercise is meant to teach users how to create a new token with limited permissions. When developing with the REST API it is advised to use a token with only the permissions needed for the application. Some tokens can be dangerous if exposed. By creating an account with limited permissions we are limiting risk if the token is exposed.
1) Open FME Server
Our first step will be to visit FME Server. We can do this by going to:
<yourServerHost>/fmeserver
If you are using a training computer go to: http://localhost/fmeserver
If you are using a training computer login as the admin using these credentials:
Username: admin
Password: admin
2) Go to the Token Management page
Now, we are going to navigate to the Token Management page. We are going to select the user icon in the top right of FME Server. Once, the icon is selected find Manage Tokens.
3) Create a new token
Click the +New button at the top right-hand corner of the page.
When prompted, create a new token with the following parameters:
- Token Name: Rest API Training Course
- Description: Token to be used during the Rest API Training Course
- Expiration Date: choose a logical date
- Enabled: ON
- All Permissions: OFF
4) Scroll down and assign permissions
When assigning permissions for your future users visit Managing Security Tokens to view the full documentation.
Now assign the following permissions:
Permission | Level of Permission | Description of Permission |
---|---|---|
Automations | Create | Can create Automations |
Jobs | Manage | Access and manage the jobs of all users. You can, cancel any job that is currently running, remove the history of jobs that were previously run, and manage Job Queues. (Also requires Manage permission in Engines & Licensing.) |
Licensing & Engines | Manage | Configure engines and licensing, except job queues (Also, requires Manage permission in Jobs). |
Repositories | Create | Access the Repositories page and create repositories. |
Individual Repositories click the down arrow on the right-hand corner of the Repositories permissions to show the Individual Repositories permissions. |
Samples = Download, Read, Run | Can download workspaces and other repository items from FME Server into Workbench. Can view repository information. Can run repository workspaces from FME Server. |
Resources | Create | Access the Resources page and create new resources. |
Individual Resources click the down arrow on the right-hand corner of the Resources permissions to show the Individual Resources permissions. |
Data = Access, List, Write, Upload, and Remove
Temp= Access, List, Write, Upload, and Remove |
Can access, read and download a file. Can list the folders and files of a resource. Can write to files, upload files, and delete files. |
Individual Services click the down arrow on the right-hand corner of the Services permissions to show the Individual Resources permissions. |
Data Download = Full Access
Data Streaming = Full Access Data Upload = Full Access Job Submitter = Full Access |
Can access services |
If you are creating a web application the permissions for the token should be limited to a specific repository.
The settings should look like this:
The individual Repositories should look like this:
The individual Resources should look like this:
The individual Services should look like this:
5) Click OK to create the new Token
6) Download the Token
Once the token has been created. You'll see a page with your token visible. This is the only time you'll be able see the Token in FME Server. Click download to download the token.
Click OK.
7) Save this file to the Desktop
Open the Downloads folder and move the fmetoken-Rest API Training Course to the Desktop.
CONGRATULATIONS |
By completing this exercise you have learned how to:
|