Introduction
FME Flow has incorporated SAML Authentication as a security mechanism for logging in. You can configure FME Flow to use a variety of Identity Providers, and our documentation provides information on what's required of FME Flow. This article provides a step-by-step guide to configuring Google as the Identity Provider. If you would like to use a different provider, please see Configuring FME Flow for SAML Authentication for more step-by-step tutorials. You can also refer to Google documentation to set up your own custom SAML app.
Requirements
The URL of your FME Flow and the one you set up with your Identity Provider (IdP) do not need to be publicly accessible; however, an SSL configuration is required for FME Flow. Please follow the documentation to Configure FME Flow for HTTPS.
Step-by-step Instructions
Part 1: Identity Provider Configuration
- Go to the Google Admin Console. Navigate to Apps > Web and mobile apps.
- Click Add App > Add custom SAML app.
- On the "Google Identity Provider details" page, download the IdP metadata file to be uploaded to the FME Flow Web user interface later.
- In the "Service Provider details" section, provide the Entity ID and ACS URL displayed on the "SAML Configuration" webpage of your FME Flow instance.
- [OPTIONAL] To assign FME Flow user attributes to new users according to a specified mapping, configure the "Attribute mapping" section. You can add attributes that correlate with information under a user's account, or with their Group memberships.
- Enable the SAML App for the entire organization or a particular group. In the app settings, go to the User Access section.
  - To turn a service on or off for everyone in your organization, click On for everyone or Off for everyone, and then click Save.
  - To turn the service on for a particular group only, rather than for the whole organizational unit, use the Groups filter on the left: search for the relevant Google group and set the Service Status to ON for that group only.
Part 2: FME Flow Configuration
1. Open FME Flow
Open and log in to FME Flow. Navigate to User Management → SAML Configuration.
2. Import SAML
Import your IdP Metadata or provide the certificate and values.
Select the default user role you wish users to have when they log into FME Flow.
Part 3: Test your Configuration
1. Log Out of FME Flow
Log out of FME Flow; the login page should now offer the option to Log In With SAML. Once you select it, you should be redirected to the Google Sign-in page. Enter your credentials, and if the configuration is correct, you should be redirected back to the FME Flow home page.
Confirm that the user can log in and that the role and user information are as expected.