Users & Roles
The server provides a system of access rights and privileges to ensure security. Its main function is verification of authenticity (authentication) and giving the client access to certain rights (authorization). The authentication mechanism provided by the client authenticates the username and password provided by the client compared to the user existing in the system, which is authorized according to the specified role.
User represents the server user with the specified login, password and role set. User lists are used for authentication of OPC UA clients and clients that administer the server. By default, the server has a blank password for the admin. You cannot rename, delete or modify the admin user, but you can change its password.
To reset the administrator password to the default (blank), you must run the utility resadmpwd from the server root folder and restart server service/process/daemon
User name is case-sensitive
Role represents the set of rights available to the user. Roles restrict the rights associated with server administration and data access. The following are the categories of rights and their description.
Category
Permissions
General
Connect, data synchronization and read server information (licenses, time, etc)
Download configuration
Reinitialize server
Upload configuration
Upload licenses
Security
Create role
Create user
Delete role
Delete user
Update role
Update user
Devices
Create device
Delete device
Update device
Run command
Tags
Create tag
Delete tag
Group action
Update tag
Time Series
Create time series
Delete time series
Group action
Update time series
Data Access (via OPC UA and Web API)
Read Value
Write Value
Browsing
Write Diagnostics
OPC UA
Delete security certificate
Import security certificate
Trust/Reject security certificate
Update Settings
Stores
Create store
Delete store
Update store
Scripts
Create module
Create expression
Delete module
Delete expression
Update module
Update expression
Execute expression
Last updated