Exercise 1 | Create a new user and token |
Data | None |
Overall Goal | To teach users how to create users with limited permissions and get a token. |
Demonstrates | How to create a user and a new token |
This exercise is meant to teach users how to create a new user with limited permissions. When developing with the REST API it is advised not to use an admin token. The admin token has a lot of power that could be dangerous if exposed. By creating an account with limited permissions we are limiting risk if the token is exposed.
1) Open FME Server
Our first step will be to visit the FME Server. We can do this by going to:
<yourServerHost>/fmeserver
If you are using a training computer go to: localhost/fmeserver
If you are using a training computer login as the admin using these credentials:
Username: admin
Password: admin
WARNING |
On some training machines the FME Server will not automatically work. If once you log in, you see an error message:
"Could not connect to FME Core. Please ensure that it is running." Please open Task Manager, find all PostgresSQL tasks, select End task for each PostgresSQL task you see. Then restart your FME Server. You may restart your FME Server by finding FME Server 2018.1 in the Windows Start Menu. Then, select Restart FME Server. After the FME Server has restarted, try logging in again. |
2) Go to the Users page
Now, we are going to navigate to the Users page. We are going to the left-hand panel find Security and then click Users.
3) Create a new user
Click the New button at the top right-hand corner of the page.
When prompted, create a new user with the following parameters:
- Username: restapi
- Full Name: Forest Apier
- Password: restapi
4) Scroll down and assign permissions
When assigning permissions for your future users visit User Permissions to view the full documentation.
Now assign the following permissions:
Permission | Level of Permission | Description of Permission |
---|---|---|
Run Workspace | Advanced | Can access the Run Workspace page and access Job Directives when running workspaces. |
Jobs | Manage | Access and manage the jobs of all users. You can, cancel any job that is currently running, remove the history of jobs that were previously run, and manage Job Queues. (Also requires Manage permission in Engines & Licensing.) |
Repositories | Create | Access the Repositories page and create repositories. |
Individual Repositories click the down arrow on the right-hand corner of the Repositories permissions to show the Individual Repositories permissions. |
Samples = Download, Read, Run | Can download workspaces and other repository items from FME Server into Workbench. Can view repository information. Can run repository workspaces from FME Server. |
Workspace Viewer | Access | Can access the Workspace Viewer. |
Resources | Create | Access the Resources page and create new resources. |
Individual Resources click the down arrow on the right-hand corner of the Resources permissions to show the Individual Resources permissions. |
Data = Full access
Temp= Full access |
Can access, read and download a file. Can list the folders and files of a resource. Can write to files, upload files, and delete files. |
Projects | Create | Access the Projects page and create projects. |
Dashboards | Access | Access the Dashboards page. |
Engines & Licensing | Manage | Configure engines and licensing, except job queues (Also, requires Manage permission in Jobs). |
If you are creating a web application the permissions for the token should be limited to a specific repository.
The settings should look like this:
The Individual Repositories should look like this:
The Individual Resources should look like this:
5) Click OK to create the restapi User
6) Log into the FME Server as the restapi user and find your token
Log onto the FME Server as the restapi user.
- Username: restapi
- Password: restapi
Once we log into our FME Server it is important to check that all of the correct components are there.
In the left hand panel we should see, Run Workspace, Jobs, Repositories, Workspace Viewer, Resources, Projects, Dashboards, and Engines & Licensing.
Next, we can locate the user icon. This is the area we access if we wish to find more information about the user.
After we have selected the user icon, you can click Manage Token. To find the token.
Then, we can see the Current Token. Or, we can get a new token in this area. Click, New Token to extend the Expiration time of the current token.
Copy the Current Token.
7) Save this token
Open a Notepad++ Document and paste the token in the document for easy access.
CONGRATULATIONS |
By completing this exercise you have learned how to:
|