Users & Roles

The server provides a system of access rights and privileges to ensure security. Its main function is verification of authenticity (authentication) and giving the client access to certain rights (authorization). The authentication mechanism provided by the client authenticates the username and password provided by the client compared to the user existing in the system, which is authorized according to the specified role. 
User represents the server user with the specified login, password and role set. User lists are used for authentication of OPC UA clients and clients that administer the server. By default, the server has a blank password for the admin. You cannot rename, delete or modify the admin user, but you can change its password.
To reset the administrator password to the default (blank), you must run the utility resadmpwd from the server root folder and restart server service/process/daemon
User name is case-sensitive
Role represents the set of rights available to the user. Roles restrict the rights associated with server administration and data access. The following are the categories of rights and their description.
Category
Permissions
General
Connect, data synchronization and read server information (licenses, time, etc)
Download configuration
Reinitialize server
Upload configuration
Upload licenses
Security
Create role
Create user
Delete role
Delete user
Update role
Update user
Devices
Create device
Delete device
Update device
Run command
Tags
Create tag
Delete tag
Group action
Update tag
Time Series
Create time series
Delete time series
Group action
Update time series
Data Access (via OPC UA and Web API)
Read Value
Write Value
Browsing
Write Diagnostics
OPC UA
Delete security certificate
Import security certificate
Trust/Reject security certificate
Update Settings
Stores
Create store
Delete store
Update store
Scripts
Create module
Create expression
Delete module
Delete expression
Update module
Update expression
Execute expression

Last modified 7mo ago

Category	Permissions
General	Connect, data synchronization and read server information (licenses, time, etc) Download configuration Reinitialize server Upload configuration Upload licenses
Security	Create role Create user Delete role Delete user Update role Update user
Devices	Create device Delete device Update device Run command
Tags	Create tag Delete tag Group action Update tag
Time Series	Create time series Delete time series Group action Update time series
Data Access (via OPC UA and Web API)	Read Value Write Value Browsing Write Diagnostics
OPC UA	Delete security certificate Import security certificate Trust/Reject security certificate Update Settings
Stores	Create store Delete store Update store
Scripts	Create module Create expression Delete module Delete expression Update module Update expression Execute expression