Authentication models
This chapter describes different Authentication options between oData Flows and IFS Cloud.
Authentication is setup on configuration level in the oData connector admin interface.

Different authentication models
Each OData connector configuration has three authentication configuration categories, Design time and Runtime are mandatory.
Design time is used:
During workflow design in Flow Studio, setting up machine steps and exploring projections
Runtime is used:
During execution of user flows by any of the clients (mobile/web)
Executing machine workflows
Running flows in Testbench
Authentication flow type overview
Client Credential flow

Password Credentials flow

Basic authentication
Basic Authentication is not recommended for use with IFS Cloud as it is considered insecure and is disabled by default. But it's still supported by the oData connector.
Authorization Code Flow

OpenId flow

Summary of authentication flows
Below is a summary of main features of each authentication flow to consider when configuring OData configurations based on customer requirements and flow types developed.
Client Credentials
User and machine workflows
All clients
Design/Runtime
Pw in Flow Server/Ext. IDP in Flow Server OpenId configuration
Only IFS IDP
One IFS Service User linked to IFS IAM Client
No possibility to log into Aurena with service user
Password Credentials
User and machine workflows
All clients
Design/Runtime
FPw in Flow Server/Ext. IDP in Flow Server OpenId configuration
Only IFS IDP
Flow user
Flow user, connector level setup could contain users IFS user Id
Authorization Code
User workflows
Only mobile clients
Runtime
Pw in Flow Server/Ext. IDP in Flow Server OpenId configuration
IFS/External IDP
Flow user
Usable when flow is connecting to different systems of which all require their own authentication, IFS being one of them
OpenId
User workflows
All clients
Runtime
IFS IDP setup in Flow Server OpenId configuration
IFS/External IDP
Flow user
Web client and Portal2 requires separate API Manager to be purchased/configured by customer
Flow documentation about authentication
Last updated
Was this helpful?