Users & Roles

The server provides a system of access rights and privileges to ensure security. Its main function is verification of authenticity (authentication) and giving the client access to certain rights (authorization). The authentication mechanism provided by the client authenticates the username and password provided by the client compared to the user existing in the system, which is authorized according to the specified role.
User represents the server user with the specified login, password and role set. User lists are used for authentication of OPC UA clients and clients that administer the server. By default, the server has a blank password for the admin. You cannot rename, delete or modify the admin user, but you can change its password.
To reset the administrator password to the default (blank), you must run the utility resadmpwd from the server root folder and restart server service/process/daemon
User name is case-sensitive
Role represents the set of rights available to the user. Roles restrict the rights associated with server administration and data access. The following are the categories of rights and their description.
Category
Permissions
General
  • Connect, data synchronization and read server information (licenses, time, etc)
  • Download configuration
  • Reinitialize server
  • Upload configuration
  • Upload licenses
Security
  • Create role
  • Create user
  • Delete role
  • Delete user
  • Update role
  • Update user
Devices
  • Create device
  • Delete device
  • Update device
  • Run command
Tags
  • Create tag
  • Delete tag
  • Group action
  • Update tag
Time Series
  • Create time series
  • Delete time series
  • Group action
  • Update time series
Data Access (via OPC UA and Web API)
  • Read Value
  • Write Value
  • Browsing
  • Write Diagnostics
OPC UA
  • Delete security certificate
  • Import security certificate
  • Trust/Reject security certificate
  • Update Settings
Stores
  • Create store
  • Delete store
  • Update store
Scripts
  • Create module
  • Create expression
  • Delete module
  • Delete expression
  • Update module
  • Update expression
  • Execute expression