FME Version
Introduction
FME Flow 2022.0+ has incorporated SAML authentication as a security login. You can configure FME Flow to use a variety of Identity Providers, and our documentation will give you information on what's required from FME Flow. Here you can find step-by-step instructions for how to work with a few common providers. Most IdPs require SSL configuration, so if FME Flow is not configured with HTTPS please follow the documentation.
Once enabled, when a user signs in using SAML authentication that user will be added to FME Flow and assigned the permissions that have been set up in the SAML configuration. Note, all users who have access to the SAML application you create will have login rights to FME Flow.
Why use SAML Authentication
Security Assertion Markup Language (SAML) is a protocol for authenticating web applications. This can be useful not only within a company to adhere to a security practice, but also can be beneficial when connecting to an FME Flow or a Flow App outside of the internal network where traditional active directories are not useable. Most SAML providers also have another layer of security known as Multi-Factor Authentication(MFA). This added layer sits on top of the Identity Provider (IdP) SAML authentication and requires no additional configuration from FME Flow.
Articles
- Auth0 SAML Configuration for FME Flow
- Okta SAML Configuration for FME Flow
- OneLogin SAML Configuration for FME Flow
- AzureAD SAML Configuration for FME
User Attribute Mapping
Attributes are the user details stored in your SAML Identity Provider (IdP) which can be sent to your Service Provider (SP) i.e. FME Flow. This feature enables you to map these IDP user attributes to FME Flow user profile values. We have instructions for two common IdPs-
- Configure user attribute mapping with Azure AD SAML Provider
- Configure user attribute mapping with Okta SAML Provider
Publishing Workspaces from FME Workbench
To publish workspaces from FME Workbench to FME Flow via the Publishing Wizard,
- Check "Use Alternate Login Method", provide the following, and click "Continue"
- FME Flow Url: The URL of the FME Flow to which you want to connect.
- Log In with: Specify "SAML".
- On the login page for your SAML identity provider, enter your credentials.
- Proceed with the next dialog.
Comments
0 comments
Please sign in to leave a comment.