☁️
Flow IFS Cloud Development Guidelines
  • Flow IFS Cloud Development Guidelines
  • 👶Getting started
    • OData Basics
    • IFS Cloud
    • Terminology
    • Useful Applications
    • IFS documentation
      • IFS API Explorer
      • Entity details
    • Setting up the OData connector
      • Configure connection between Flow Server and IFS Cloud
      • Selecting which configurations are visible in Flow Server
  • 👩‍💻Flow Development with OData
    • Architecture
    • Flow development and distribution strategy
    • Implementation
      • Operations in OData machine steps
      • Missing operations
      • Translations
      • Iteration
      • Join data sets
      • Misc Tips and trix
      • Document / Media Library Management
      • Response status handling
        • Errors from IFS
      • Operation specific notes
        • Set input parameters using flow script
        • Update
        • 🛠️WIP - Create
        • Read
    • Configuration
      • Authentication models
        • Setup Client credential flow
        • 🛠️Setup Password credentials flow
        • 🛠️Setup Authorization code flow
        • 🛠️Setup OpenID flow
        • Obtaining Authentication related URLs from IFS Cloud
      • Projection administration
        • Administrating new projections
        • Administrating updated projections
      • Configuring projections in IFS
        • Custom Entities
        • Custom Projections
        • 🛠️WIP - Query Designer
        • Quick Reports
    • Trigger Flows from IFS Cloud
      • Trigger User Flows via External Navigation Links
      • Trigger Machine Flows via BPA using commands
      • 🛠️Trigger Flow via Event Action
    • Debugging and Testing
      • Aurena debugging
        • Inspect in web browser
        • IFS debug console
      • OData Connector Log
  • 🪄Advanced
    • Custom Request
    • C# usage in the OData connector
      • Different methods
      • Building request
      • 🛠️WIP - Code examples
Powered by GitBook
On this page
  • Setup OData connector configuration
  • Flow Server OpenId configuration
  • Create IFS IAM Client
  • Setup OpenId in Flow Server
  • IFS User and Flow Server User Setup
  • WIP - Effect to Flow development

Was this helpful?

  1. Flow Development with OData
  2. Configuration
  3. Authentication models

Setup OpenID flow

PreviousSetup Authorization code flowNextObtaining Authentication related URLs from IFS Cloud

Last updated 1 year ago

Was this helpful?

Setup OData connector configuration

Select OpenId as Runtime authentication.

Flow Server OpenId configuration

Create IFS IAM Client

Create IAM Client with same setup as in example below.

Name IAM client so that it can be identified as being used by Flow. Also adding postfix describing authentication type would be a good idea.

Example name: NC_Flow_OpenId or Novacura_OpenId

Use same name for same type of IAM client in all customers IFS Cloud instances.

Setup OpenId in Flow Server

Add Authority URL and ClientId based on IFS Cloud info.

All the rest configurations can set as in example below.

AuthorityURL

Get Issuer URL value from IFS Cloud.

ClientId

Add previously created IAM Client Id.

IFS User and Flow Server User Setup

Flow User ID must be same as IFS Users Directory Id

If users are synchronized to Flow Server from Azure AD, follow instructions

OPEN ISSUE: If synchronization is set up, is there any effect in having "Use sync source for authentication" checked which is automatically set up during synchronization???

WIP - Effect to Flow development

Flow apps using connector with Runtime authentication type OpenId authentication cannot be debugged in Studio.

For flow developer this means that prior debugging connector in flow must be changes to connector using Runtime authentication type of Client Credentials or Password Credentials. Alternatively, if flow has a lot of fragments and changing the connectors in all fragments takes a lot of time you can have copy of the flow (+ fragments) using connector using Runtime authentication type of Client Credentials or Password Credentials.

Notice that possible to have connector using Password Credentials requies that IFS User has password defined in IFS and SSO login is disabled.

If flow uses projections that require authentication as actual user in IFS, then debugging can only be done by running tests in NC client.

👩‍💻
🛠️
Obtaining Authentication related URLs from IFS Cloud
https://help.novacuraflow.com/development/flow-studio/environment/active-directory-sync
Example IAM client for supporting OpenId
Example OpenId configuration in Flow Server
IFS User setup
Same user in flow server