Configuring FME Flow for Auth0 SAML Authentication

Richard Mosley
Richard Mosley
  • Updated

FME Version

  • FME 2024.0

Introduction

FME Flow 2022.0+ has incorporated SAML Authentication as a security login. You can configure FME Flow to use a variety of Identity Providers, and our documentation will give you information on what's required from FME Flow. This article offers a step-by-step configuration for using Auth0 as the Identity Provider, if you would like to use a different provider please see Configuring FME Flow for SAML Authentication for more step-by-step tutorials. 

 

Requirements

The URL of your FME Flow and the one you set up with your identity provider (IdP) does not need to be publicly accessible, however, FME Flow SSL configuration is required. Please follow the documentation to Configure FME Flow for HTTPS.

 

Step-by-step Instructions

Part 1: Identity Provider Configuration

1. In left-hand navigation select Applications and choose to Create Application.
Auth0-1.png

2. Choose Regular Web Application and give it a name that reflects the Server Application.

Auth0-2.png
3. Configure App for SAML
    a. Open the add-ons tab and double click on SAML2 Web App
    b. Under Settings set the Application Callback URL: 

<FMEFlowWebURL>/fmesaml/login/saml2/sso/fmeserver

       Where <FMEFlowWebURL> is the fully-qualified hostname for FME Flow, including both the hostname and domain.
    c. Enable and Save the SAML2 app
4. Download the Identity Provider Metadata from Application → Addons Tab → SAML2 App → Usage.

Auth0-4.png
5. By default your users should have access to all applications in your tenancy, however, if you have restricted access please make sure your users have access to the new app.
6. Please ensure that you have enabled Just-in-Time provisioning/Auto-Membership on Auth0 as this is a required setting for user creation. 

 

Part 2: FME Flow Configuration

  1. Logon to FME Flow and Navigate to User Management → SAML Configuration. 
  2. Import your IDP Metadata or provide the certificate and values.
  3. Select the default user role you wish users to have when they log into FME Flow. 
FMEFlowMetaData.png
 

Part 3: Test your Configuration

  1. Log out of FME Flow and you should now have the option to Log In With SAML.  Once selected you should be prompted with the Auth0 Sign-in page, proceed with entering your credentials and if the configuration is correct you should be redirected back to the FME Flow home page.
    SAML_Login.png           Auth0-Login.png
  2. Confirm that the user can log in and that the role and user information is as expected.
 
 
 

Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.