Flow Help
NovacuraRoadmap
Flow Classic Help
Flow Classic Help
  • What is Novacura Flow?
  • 📓System requirements
  • Release information
    • Main Flow releases
      • Release notes 6.13
      • Release notes 6.14
      • Release notes 6.15
    • Flow service packs
      • 6.10
        • 6.10.35
      • 6.11
      • 6.12
        • 6.12.19
        • 6.12.20
      • 6.13
        • 6.13.7
        • 6.13.8
        • 6.13.9
        • 6.13.10
        • 6.13.11
        • 6.13.12
        • 6.13.13
        • 6.13.14
        • 6.13.15
        • 6.13.16
        • 6.13.17
      • 6.14
        • 6.14.1
        • 6.14.2
        • 6.14.3
        • 6.14.4
        • 6.14.5
        • 6.14.6
        • 6.14.7
        • 6.14.8
        • 6.14.9
        • 6.14.10
        • 6.14.11
        • 6.14.12
        • 6.14.13
        • 6.14.14
      • 6.15
        • Server
          • 6.15.1
          • 6.15.2
          • 6.15.3
          • 6.15.4
          • 6.15.5
          • 6.15.6
          • 6.15.7
          • 6.15.8
          • 6.15.9
          • 6.15.10
          • 6.15.12
          • 6.15.13
          • 6.15.14
          • 6.15.15
          • 6.15.16
          • 6.15.17
        • Studio
          • 6.15.1
          • 6.15.2
          • 6.15.3
          • 6.15.4
          • 6.15.5
          • 6.15.6
          • 6.15.7
          • 6.15.8
          • 6.15.10
          • 6.15.11
          • 6.15.12
        • Installer
          • 6.15.1
          • 6.15.2
          • 6.15.6
    • Connector services
      • IFS OData Connector
        • 2.1.33
        • 2.1.29
        • 2.1.28
        • 2.1.27
        • 2.1.26
        • 2.1.25
        • 2.1.24
        • 2.1.23
        • 2.1.22
        • 2.1.21
        • 2.1.20
        • 2.1.19
        • Earlier releases
          • 2.1.18
          • 2.1.17
          • 2.1.16
          • 2.1.15
          • 2.1.14
          • 2.1.13
          • 2.1.12
      • SFTP Connector
        • 2.1.0
      • M3 Rest Connector
        • 2.1.4
        • 2.1.2
      • File System Connector
        • 2.1.3
        • 2.1.2
        • 2.1.1
        • 2.0.0
      • Microsoft Active Directory
        • 2.1.3
    • Android client
    • iOS client
    • Portal 2
      • 2020.13.2
      • 2020.13.3
      • 2020.13.4
      • 2020.13.5
      • 2020.14
      • 2020.14.1
      • 2020.14.2
      • 2020.14.3
      • 2020.14.4
      • 2023.1
      • 2023.2
      • 2023.3
      • 2023.4
      • 2024.1
      • 2024.2
      • 2024.3
      • 2024.4
      • 2025.1
    • Web client
      • 1.1
      • 1.2
      • 1.3
      • 1.4
      • 1.5
      • 1.6
      • 1.7
      • 1.8
      • 1.9
      • 1.10
      • 1.11
      • 1.12
      • 1.13 and up - Change log
    • Integration Engine
      • 2024-10-08
      • 2024-11-26
      • 2024-11-12
      • 2024-12-10
      • 2025-01-13
      • 2025-03-05
      • 2025-03-27
  • 🎣Getting started
    • Quick start
    • Develop your first app
  • 🔨Installation and upgrade
    • Installation
    • New installation
    • Upgrade installation
    • Apply service pack
    • Add component
    • Windows authentication
    • Event log
    • FAQ
      • Monitoring
      • Troubleshooting
      • Migration tool
      • IIS user permission
      • Moving SQLite portal database
  • 🧱Security
    • Server
      • Security settings
  • 💡Development
    • Performance Guidelines
    • FlowScript
      • Variables
      • Operators
      • Functions
        • Text functions
          • Chr
          • DecodeText
          • Guid
          • InStr
          • IsNull
          • Left
          • Len
          • Lower
          • Mid
          • Split
          • RegexMatch
          • RegexMatches
          • RegexReplace
          • Replace
          • Right
          • Trim
          • URLEncode/URLDecode
          • Upper
        • Number functions
          • Ceil
          • Floor
          • Format
          • IsNaN
          • IsNumber
          • Max
          • Min
          • Pow
          • Round
          • Str
          • Maths
            • Abs
            • Acos
            • Asin
            • Atan
            • Cos
            • Cosh
            • Sin
            • Sinh
            • Tan
            • Tanh
            • ToDegrees
          • Val
          • Random
        • Date functions
          • Date
          • Format
          • Now
        • DateTime module
        • JSON module
        • Other
          • Base64DecodeText
          • Base64Encode
          • Case/When/Then
          • Default
          • Empty
          • Group by
          • In
          • Inner Join
          • Non-Boolean values
      • Table
        • All
        • Any
        • Count
        • CSVFill
        • Eval
        • First
        • FirstOrDefault
        • FirstOrEmpty
        • Last
        • Skip
        • Sum
        • Take
        • XMLFill
        • Table queries
      • Programs
      • Formats
      • Script examples
        • SQL Join equivalent
      • AD sync scripting
    • Studio
      • Installation and log in
        • OpenID Connect
      • Applications
        • Menu
          • Inbox
            • Public variables
        • Workflow
          • Start step
          • User step
            • Header
            • Static text
            • Labeled static text
            • Link
            • External app launcher
            • Image viewer
            • Text input
            • Numeric input
            • Date input
            • Time input
            • Check box input
            • Binary option input
            • List selection input
            • List multi-selection input
            • Menu selection input
            • Data grid
            • Calendar
            • Image selection input
            • List presentation
            • Camera input
            • File gallery
            • GPS location input
            • Signature capture input
            • Item creation sub task
            • Check list sub task
            • Verb sub task
          • Machine step
          • Decision step
          • Assertion step
          • Assignment
          • Table
          • Event
          • Checkpoint
          • Split
          • Join
          • Script item
          • Log point
          • Annotation
          • End step
          • Included workflow - fragments
          • Offline resource
          • Swimlanes
          • Offline workflow
            • Create an offline workflow
            • Create an offline resource
            • Create an offline seed inbox
            • Create offline transactions
          • Source Code Editor
        • Subscribe
        • Server content
          • Workflow scheduler
          • Generate link
        • Elements
        • Problems
        • Find
        • Metadata panel
        • Version panel
        • Navigation
        • Test bench
        • Application package
          • Get started
      • Environment
        • Users
        • Roles
        • Connectors
        • Properties
        • Languages
        • System events
        • Active directory sync
        • License
        • Devices
        • Branding
        • Reports
      • Monitoring
        • Tasks
        • Applications
        • Help requests
      • Connectors
    • Portal 2
      • Getting started
      • General
        • Add pages and portlets
        • Edit pages
        • Navigation
        • Style
        • Settings
          • Global Variables
          • List of values management
          • Time offset
          • Presentation mode
      • Portlets
        • Basic
          • Data tree
          • Document viewer
          • Filter
          • HTML Advanced
          • HTML table
          • Record viewer
          • Table
          • Text
        • Workflow
          • Inbox
          • Workflow
        • KPI
          • KPI card
          • Speedometer
        • Visual planning
          • Gantt
          • Kanban
          • Map
          • Scheduler
        • Chart portlets
          • Bar chart
          • Column chart
          • Line chart
          • Pie chart
        • Common configuration
          • Visual planning input data
      • Portal Push Notifications
    • Portal
      • Get started
      • Options
        • Settings
        • List of values management
        • Global variables management
        • Content access management
        • Translations management
        • Import/export
      • Portlets
        • Table
          • Database source
          • Workflow source
        • Record viewer
        • Process overview
        • Iframe
        • Inbox
        • News viewer
        • Document tree
        • Document list
        • Document viewer
        • Generic document viewer
        • Generic document viewer URL
        • Generic document viewer
        • Filter
        • HTML
        • Text
        • Data visualizer card
        • Data visualizer navigator
        • Visual planning
          • Gantt chart
          • Kanban
          • Resource bucket
          • Scheduler
        • Map
      • Icons
    • Integration Engine
      • Get Started
        • Set up Flow 6 Server connection
        • Create an integration
          • Webhook trigger
            • Try the webhook
          • Schedule trigger
        • Turn on diagnostics
        • Add data processing
        • Inspect history and retry execution
        • Monitor all executions
  • 🔌CONNECTORS
    • Overview
    • Installation
      • System Requirements
      • Install
        • Windows Service
      • First-time Setup
      • Tuning performance
    • Areas
      • Business systems
        • Database
          • Oracle
          • SQL Server
        • IFS Applications
          • IFS OData
            • Authentication in IFS Cloud
            • Obtaining end-point info from IFS Cloud
            • Configuring IFS OData connector
            • Configuring databases
            • Operations
              • Create
              • Read
              • Update
              • Delete
              • Get by key
              • Actions
              • Functions
              • Batch
              • Custom request
          • IFS Applications 9/10
        • Infor M3
          • M3 Infor API
          • Infor M3 REST
            • Obtaining end-point info from Infor ION API
            • Configuring Infor M3 REST connector
            • Technical Details
        • Maximo Generic
        • SAP
          • SAP BAPI
            • Basic API
              • BAPI: ZNCFLOW_APPLICATION_COMPONENT
              • BAPI: BAPI_MONITOR_GETLIST
              • BAPI: BAPI_INTERFACE_GETDOCU
              • BAPI: RFC_GET_FUNCTION_INTERFACE
              • BAPI: ZNCFLOW_DDIF_FIELDINFO_GET
        • Oracle Primavera
        • Microsoft Dynamics AX
        • Microsoft Dynamics CRM
        • Microsoft Active Directory
        • Microsoft SharePoint 2013
          • Generic operations
            • Custom list
              • Attachments
              • Create new item
              • Create new item, with field values
              • Delete item
              • Get items by query
              • List all items
              • List fields of items
              • Update item field
            • Document library
              • Check in/out file
              • File management
              • Create sub folder
              • Upload/download
            • Tasks
              • Attachments
              • Predecessors
              • Task information
              • Update task
              • Create new subtask
              • Create new task
            • User operations
              • Group operations
              • Get user by ID
              • Get user by login name
              • List users
      • Communication
        • Email
        • Web page submit
        • FTP
          • Server Operations
          • Directory operations
          • Download Operations
          • File Operations
          • Upload operations
        • SFTP
          • Directory operations
          • Download operations
          • File operations
          • Upload operations
        • Modbus
          • Read operations
          • Write operations
        • External Oauth 2.0 provider
        • Siox
        • REST service
          • REST Project Tool
            • Getting started
            • Operations
              • Parameters
                • Computed parameters
              • Outputs
            • Models
              • Custom model member
            • Model transform
            • Global output
            • Global parameters
            • Authorization schemes
            • Enumerations
            • Tools
        • Web service
          • Example
            • Webservice example: Connector to Microsoft Dynamics AX
        • OPC UA Connector
      • Printing
        • BarTender 2016
          • Print
          • Manually select
          • Print from BTXML script
          • Print from BTXML script
          • List printers
        • NiceLabel
        • Html to PDF
      • Utility
        • Flow environment
        • Custom .NET
        • Google API
        • Generate Xml Data
        • Generate text
        • File System
          • Connector service
            • Configuration
            • Operations
            • Flow Integration
            • API Access
            • Triggers
          • Embedded connector
            • Configuration
            • Directory operations
            • File operations
            • Zip operations
  • 📱Clients
    • Mobile clients
      • Get started
      • Miscellaneous
      • Mobile Device Management
        • Microsoft Endpoint Manager
      • Offline
      • Scanning
    • Web client
      • Get started
      • Miscellaneous
      • Offline
      • Scanning
      • Self hosting
    • Windows 10 client
    • Android legacy client
    • iOS legacy client
    • Web legacy client
    • Windows CE client
  • ❓FAQ
    • How do i find which version of Flow i am running?
  • 📧Contact
Powered by GitBook
On this page

Was this helpful?

Last updated 3 years ago

Was this helpful?

In IFS Cloud, user authentication is handled through . To access the IFS OData API's, the IFS OData connector needs to retrieve an access token from IFS IAM. IFS IAM supports the OpenID Connect specification and also provides the ability to optionally delegate the authentication to an external Identity Provider.

There are several ways we can retrieve an access token in IFS Cloud and the IFS OData connector supports all of them.

Non-interactive authentication

In non-interactive authentication, there is no graphical client involved in the authentication flow and the access token is obtained through a single call by invoking the token endpoint in IFS IAM. Non-interactive authentication can be further divided into 3 sub-types depending on the nature and specific needs of the integration scenario.

  • Client Credentials Flow - uses service accounts instead of end-user accounts.

  • Password Credentials Flow - uses end-user account where the end-user credentials are stored/provided by the flow client.

  • Basic Authentication - Not recommended and should be only used only if other auth flows are not possible.

Interactive authentication

In Interactive authentication, the access token is obtained in two steps. First, the authorization endpoint in IFS IAM is invoked which would render the Aurena log-in page. Once the user enters the end-user credentials on the log-in page then the token endpoint is invoked which will return the access token. Interactive authentication can be further divided into 2 sub-types depending on who acts as the identity provider.

  • Authorization Code Flow - IFS IAM acts as the identity provider.

  • External IDP’s (single sign-on)- any external identity provider who supports OpenID Connect specification. Example - Azure AD, Okta

Custom Client Registration

In order to retrieve an access token from IFS IAM, we need to register a custom client in IAM. Depending on the type of authentication we'll have to create different custom client registrations. Custom clients can be registered in IFS Cloud via Solution Manager > Security > Identity and Access Manager > IAM Client Details page. For more info refer to the IFS Cloud documentation .

To register a custom client in IFS Cloud,

  • Navigate to Solution Manager > Security > Identity and Access Manager > IAM Client Details page

  • Click on the plus icon and fill in the information in the resulting dialog

    • Enter a Client ID and optional description

    • Enabled checkbox set to true

  • For Client Credentials flow

    • Service Accounts and Direct Access Grants checkboxes set to true

    • Select an existing service user for the Username field in User Group section

  • For Password Credentials flow

    • Service Accounts checkbox set to false

    • Direct Access Grants checkbox set to true

  • For Authorization Code Flow

    • Service Account and Direct Access Grants checkboxes set to false

    • Redirect Uri is set to ncflow://authenticate

At the moment Authorization Code Flow is only supported in Flow mobile client hence the redirect uri is set to ncflow://authenticate.

  • Once saved the Client Secret will be generated and we will use the Client ID & Secret in connector configuration.

  1. 🔌CONNECTORS
  2. Areas
  3. Business systems
  4. IFS Applications
  5. IFS OData

Authentication in IFS Cloud

PreviousIFS ODataNextObtaining end-point info from IFS Cloud
IFS Identity and Access Manager
Custom Client