We recently had a support request asking “How would I go about getting our FME Flow to be externally facing – ie to allow “client name” to be able to post a notification to a topic I have set up? “.
Gary Nicholson, Locus’s FME Flow Certified Professional answers:
When creating demos or prototypes using FME Flow I quite often have to open up access to a development FME Flow to be able to show the demo. Below are some of the ways I have used to achieve this and some ways that could be used in a production environment.
I have the flexibility to implement whatever method I choose but you are likely to be restricted by corporate IT policies so your first step in opening up access to FME Flow should be to talk to your IT department. Here are some suggestions to take to them:
- Open up port 80 through your firewall so external browsers can access FME Flow directly. If by some miracle this is allowed by IT then you should at least install an SSL certificate and use port 443.
- Use a reverse proxy that sits in your DMZ to take the external requests and forward them to FME Flow. This proxy can be locked down to only allow certain authorized requests through to FME Flow.
- Have a web server in the DMZ that handles the request and uses the FME Flow API to trigger workspaces.
- I have installed NGROK.com on the FME Flow machine and used it to forward requests from a public URL and it works quite well. Please ask your IT department before installing this!
- For a limited number of external users then a VPN could work. I use Hamachi from LogMeIn to network all my machines together and that also works well.
- Set up a separate FME Flow either in the DMZ or on a cloud VM. This would depend if the workspace needed to access internal data.
- Investigate if FME Flow Hosted would be an appropriate solution.
- Rather than giving access direct to FME Flow look at some of the other ways that Automations can fire a workspace. Maybe the external user can send an email or put a file in a DropBox folder?
If you have any other ideas to add to this list please let us know.