# IAM Client Registration

{% hint style="info" %}
You can skip this step if an IAM client already exist. 
{% endhint %}

As the first step of configuring REST connector with IFS Cloud, a custom client in IFS IAM need to be registered. Depending on the type of authentication you have to create different custom client registrations. Custom clients can be registered in IFS Cloud via *Solution Manager > Security > Identity and Access Manager > IAM Client Details page*. For more info refer to the IFS Cloud documentation [Custom Client](https://docs.ifs.com/techdocs/21r2/045_administration_aurena/210_security/040_iam_settings/055_custom_client/).

To register a custom client in IFS Cloud,

1. Navigate to Solution Manager > Security > Identity and Access Manager > IAM Client Details page
2. Select **New** and fill in the information in the resulting dialog
   * Enter a Client ID and optional description
   * Enabled checkbox set to true
3. Depending on the type of authentication different configurations needed.
   1. For **Client Credentials flow**
      1. Service Accounts and Direct Access Grants checkboxes set to true
      2. Select an existing service user for the Username field in User Group section

         <figure><img src="https://help.novacuraflow.com/~gitbook/image?url=https%3A%2F%2F529897662-files.gitbook.io%2F%7E%2Ffiles%2Fv0%2Fb%2Fgitbook-x-prod.appspot.com%2Fo%2Fspaces%252F-LtPTgZOYmpJka4jqs1v-3406065915%252Fuploads%252FdcCmUeNHaofKZ0aKY0So%252FIFS%2520IAM%25201.png%3Falt%3Dmedia%26token%3D16cdd62b-ce61-4b5e-9b45-57799baf528f&#x26;width=768&#x26;dpr=4&#x26;quality=100&#x26;sign=6ef1dfad&#x26;sv=2" alt=""><figcaption></figcaption></figure>
   2. For **Password Credentials flow**
      1. Service Accounts checkbox set to false
      2. Direct Access Grants checkbox set to true

         <figure><img src="https://1716064794-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FIIgl6sNaTky0iALxYWHH%2Fuploads%2FuDKRUXIl5GMKKGjZvdQg%2Fimage.png?alt=media&#x26;token=6dd667f7-2734-4389-a6bd-b1112d3c3caf" alt=""><figcaption></figcaption></figure>
   3. For **Authorization Code Flow**
      1. Service Account and Direct Access Grants checkboxes set to false
      2. Public Client can be set to true or false.
      3. Redirect Uri is set appropriately depending on the client type. More info on [redirect URI's](https://docs.novacura.com/flow-connect/working-with-connect/connect-to-systems/redirect-uris)

         <figure><img src="https://1716064794-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FIIgl6sNaTky0iALxYWHH%2Fuploads%2FaSLdOZoZlh9WZ32gekIn%2Fimage.png?alt=media&#x26;token=3bad28ff-771f-4dc4-a574-b4adb61eafa0" alt=""><figcaption></figcaption></figure>
   4. For **Open ID**
      1. Public client is set to true
      2. Service Account and Direct Access Grants checkboxes set to false
      3. Redirect Uri is set appropriately depending on the client type. More info on [redirect URI's](https://docs.novacura.com/flow-connect/working-with-connect/connect-to-systems/redirect-uris)
4. Once saved a Client Secret will be generated except for IAM clients with public client setting set to true .&#x20;

   <figure><img src="https://1716064794-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FIIgl6sNaTky0iALxYWHH%2Fuploads%2F2SR7RSw01i5Lwff6jBbV%2Fimage.png?alt=media&#x26;token=6f5637df-6959-4c4e-890c-8615d2533f2c" alt=""><figcaption></figcaption></figure>

At the end of the first step you should have the **Client ID** and optionally a **Client Secret.**