Exercise 3 Authorization and the REST API
Data None
Overall Goal To show how to properly authorize a call in the REST API
Demonstrates The info call


This shows how to create an authorized call in the FME Server REST API. Authorization is an essential component in the REST API. Most calls do require authorization as a way to verify that the user may access information from the server. Authorization in the FME Server REST API is handled with tokens. This will be demonstrated and further explained below.


1) Create the Call Below

GET http://<yourServerHost>/fmerest/v3/info

Copy and Paste this URL into the Toolbar in Postman and then click send!

This call will require a token. This next part of the demonstration will show you what happens when you make an unauthorized call to the server.

You should receive a message that says 401 Unauthorized. This is because we have not used a token to authorize the call. The next part of the guide will go over how to make a request on the server using a token.


2) Get A Token

There are many ways to get a token in the FME Server. The first way is to go to FME Server web interface. The right-hand corner features a user symbol. That's the user settings, then go to manage token.

Another way to get a token is by visiting,

  http://<yourServerHost>/fmetoken.


3) Use the Token in a Call

Now that we have a token we may use it in the request. Next to "GET" paste the following URL into Postman. Replace "yourTOKEN" with the token you have received from the server.

GET http://<yourServerHost>/fmerest/v3/info?fmetoken=<yourTOKEN>

You should receive the 200 response code from the FME Server. Please note, this is not the preferred method of authorization. By putting the token into the URL it is visible and will be less secure.


4) Use the Token in a Call Using the Preferred Method

The preferred method is to use the Authorization Header. To find where to place the Authorization Header, look underneath to the URL find the Headers section. In here, under key write Authorization. Then set the value to fmetoken token=your token. The URL should be

GET http://<yourServerHost>/fmerest/v3/info

Now try running the call by clicking the Send button.


5) Review the Response

Once you click Send, you will see this response in Postman. This call returns the build and version.

In this section, we went through the basics of making an authorized call to the FME Server.


6) Access the Presets section to add a preset

On the right-hand side of the screen, there is a section to create a Preset. Presets allow a user to save this authorization information for the future.


7) Create a new preset

Click add to add the preset.

Fill in the values to create the new preset:

  • Header Preset Name: Token
  • Key: Authorization
  • Value: fmetoken token= YourToken
  • Description: Token Expires


To use this Header Preset in future calls simply type token in the key section and select the preset. Then your header will automatically fill with the preset.


Other Authorization Option

You may also use the standard authorization within Postman. However, this course will use the token in the header.



CONGRATULATIONS
By completing this exercise you have learned how to:
  • Use a call with authorization in Postman
  • Create a Postman preset to save the token for later calls

results matching ""

    No results matching ""