1.3 Authorization and Authentication

Security is always a significant consideration when working with any online service. The REST API works with security in two ways: authorization and authentication. Authentication proves that the user is who they say they are. Authorization verifies that the user is authorized to make the call.

Most calls to the FME Server require authorization. The REST API uses tokens to prove the user is permitted to make the call to the server. A token is a string of encrypted information that is sent between the client and the server. Token Security will not be as secure as other methods, as the security of the system depends on controlling access to the tokens.

When replacing <yourServerHost> with your hostname. You can use localhost if you are working on the machine where FME Server is installed. If you are accessing from a remote machine, you need to specify an accessible URL either by IP address or server hostname.


WARNING
Tokens can hold a lot of power. Tokens will have the same permissions as the owner of the token. For instance, an admin token will have the power to create a fmesuperuser. Before using a token, consider what permissions that token has.

results matching ""

    No results matching ""