Authentication properties

Model only
Property
Description
Default user folder
Folder that contains users created in
FactoryTalk Optix Studio
.
TIP: The default folder to contain user objects is
Security
Users
. When a domain user logs in at runtime, a corresponding user object appears in the folder specified.
Local only
Property
Description
Default user folder
Folder that contains users created in
FactoryTalk Optix Studio
.
TIP: The default folder to contain user objects is
Security
Users
. When a domain user logs in at runtime, a corresponding user object appears in the folder specified.
Default domain name
The default domain name for domain users that log on at runtime.
TIP:
To get the server address, enter this command in PowerShell
nslookup -type=srv _ldap._tcp.
ftoptix.local
, where
ftoptix.local
is the domain name of the Active Directory server, and copy the server DNS.
If you leave
Default domain name
blank, the domain name is set based on the Active Directory domain joined by the
Windows
client.
Domain only; Domain and local; Domain, local, and model
Property
Description
Default user folder
Folder that contains users created in
FactoryTalk Optix Studio
.
TIP: The default folder to contain user objects is
Security
Users
. When a domain user logs in at runtime, a corresponding user object appears in the folder specified.
Default domain name
The default domain name for domain users that log on at runtime.
TIP:
To get the server address, enter this command in PowerShell
nslookup -type=srv _ldap._tcp.
ftoptix.local
, where
ftoptix.local
is the domain name of the Active Directory server, and copy the server DNS.
If you leave
Default domain name
blank, the domain name is set based on the Active Directory domain joined by the
Windows
client.
Domain server address
Active Directory or LDAP server address.
TIP:
To get the server address, enter this command in PowerShell
nslookup -type=srv _ldap._tcp.ftoptix.local
, where
ftoptix.local
is the domain name of the Active Directory server, and copy the internet address.
If you leave
Default server address
blank, the Active Directory server address is set based on the Active Directory domain joined by the
Windows
client. If you do not specify the port in the server address, the default 389 port is used.
CA certificate file
Base64 CA certificate file.
TIP: If you leave
CA certificate file
blank, the local
Windows
machine is used to authenticate the user. CA certificate file is required to authenticate against a specific LDAP server or use a Linux client.
TIP:
To find items, start typing the item name to find in
Select file
.
If the file does not appear in
Select file
, select
Import file(s)
and in
Import file(s)
, select the file to import, and then choose
Select
.
For common configuration examples, see OAuth 2.0 configuration examples.
OAuth 2.0
Property
Description
Issuer
Base URL of the authentication server and issuer validator for the JSON Web Token (JWT).
Authorization path
Authorization path on the server. For example,
/oauth/authorize
Token path
Endpoint path to get the token. For example,
/oauth/token
JWKS path
Endpoint path to get the JSON Web Key Set (JWKS). For example,
/.well-known/jwks.json
Redirect URI
Address to open in web browser on successful user login.
TIP: The redirect URI is read as a string and is not reached by the web browser. You can use any URI.
Client ID
Client ID for
FactoryTalk Optix
project on the authentication server.
Additional scopes
Scopes added to the default openid and profile scopes. For example, an email scope.
Name claim
Name claim for the user name.
Group claim
Group claim for group names in an array of strings. For example,
["group1", "group2"]
Audience
JWT token audience where Client ID is the default.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.