🛠️Setup OpenID flow
Last updated
Last updated
Select OpenId as Runtime authentication.
Create IAM Client with same setup as in example below.
Name IAM client so that it can be identified as being used by Flow. Also adding postfix describing authentication type would be a good idea.
Example name: NC_Flow_OpenId or Novacura_OpenId
Use same name for same type of IAM client in all customers IFS Cloud instances.
Add Authority URL and ClientId based on IFS Cloud info.
All the rest configurations can set as in example below.
Get Issuer URL value from IFS Cloud.
Add previously created IAM Client Id.
Flow User ID must be same as IFS Users Directory Id
If users are synchronized to Flow Server from Azure AD, follow instructions
https://help.novacuraflow.com/development/flow-studio/environment/active-directory-sync
OPEN ISSUE: If synchronization is set up, is there any effect in having "Use sync source for authentication" checked which is automatically set up during synchronization???
Flow apps using connector with Runtime authentication type OpenId authentication cannot be debugged in Studio.
For flow developer this means that prior debugging connector in flow must be changes to connector using Runtime authentication type of Client Credentials or Password Credentials. Alternatively, if flow has a lot of fragments and changing the connectors in all fragments takes a lot of time you can have copy of the flow (+ fragments) using connector using Runtime authentication type of Client Credentials or Password Credentials.
Notice that possible to have connector using Password Credentials requies that IFS User has password defined in IFS and SSO login is disabled.
If flow uses projections that require authentication as actual user in IFS, then debugging can only be done by running tests in NC client.
