# Configure REST Connector for IFS Cloud

## Pre-requisite

You should already have the following information with you.

* Base URI
* well-know configuration endpoint for Open ID
* authorization endpoint 
* token endpoint
* Client Id
* Client secret (optional)

If not please take a look at the steps [IAM Client Registration](https://docs.novacura.com/flow-connect/working-with-connect/connect-to-systems/connectors/rest/ifs-cloud/iam-client-registration) & [Obtaining end-point info from IFS Cloud](https://docs.novacura.com/flow-connect/working-with-connect/connect-to-systems/connectors/rest/ifs-cloud/obtaining-end-point-info-from-ifs-cloud) for detailed instructions.

## Configure for interactive authentication

In [Flow Connect Hub](https://build.novacura.com),

1. Add [new REST connector](https://docs.novacura.com/flow-connect/working-with-connect/connect-to-systems/connectors/rest/..#add-connector)
2. Enter the configuration values as described below

   <table><thead><tr><th width="205">Configuration</th><th>Description</th></tr></thead><tbody><tr><td><strong>Agent Group</strong></td><td>Agent group where the connector should be executed</td></tr><tr><td><strong>Base URL</strong></td><td>Base URI of the IFS Cloud instance</td></tr><tr><td><strong>Authentication Type</strong></td><td><p>You can either choose <strong>OpenId Authentication</strong> or <strong>OAuth2-Authorization Code Flow</strong> as the Authentication Type<strong>.</strong> </p><p> </p><p>For <strong>OpenId Authentication,</strong></p><ul><li>Give a display name</li><li><strong>Authority URL</strong> - Add OpenID well-know configuration endpoint URL excluding the <code>.well-known/openid-configuration</code></li><li><strong>Client ID</strong> - IAM client id</li><li><strong>Scopes</strong> - Keep the default "openid"</li><li><p><strong>Advanced Options</strong></p><ul><li><p>Additionally, you can define advanced options like extra query parameters</p><p>For example,</p><p><code>prompt = select_account</code> will force the user to select an account if the user has multiple accounts authenticated or previously used on the authorization server</p></li><li>Keep the defaults for <strong>Validate Endpoints</strong>, <strong>Validate Issuer</strong> <strong>Name</strong>, <strong>Validate Token Issuer Name</strong></li><li>Enable <strong>Prefill User Email</strong> if you want to use the flow user email as the username/email in the IFS Cloud log-in prompt</li></ul></li></ul><p>For <strong>OAuth2-Authorization Code Flow,</strong></p><ul><li>Give a display name</li><li><strong>Authorization Endpoint</strong> - Add authorization endpoint </li><li><strong>Token Endpoint</strong> - Add token endpoint</li><li><strong>Client ID</strong> - IAM client id</li><li><strong>Client Secret</strong> - IAM client secret</li><li><strong>Scopes</strong> - Keep the default "openid"</li><li><p><strong>Advanced Options</strong></p><ul><li><p>Additionally, you can define advanced options like extra query parameters</p><p>For example,</p><p><code>prompt = select_account</code> will force the user to select an account if the user has multiple accounts authenticated or previously used on the authorization server</p></li><li>Enable <strong>PKCE</strong></li><li>Enable <strong>Prefill User Email</strong> if you want to use the flow user email as the username/email in the IFS Cloud log-in prompt</li></ul></li></ul><p></p></td></tr></tbody></table>
3. Choose **Save**