What is M2M?
M2M (Machine 2 Machine) refers to direct electronic communication among machines, devices and systems. For example, a program on a PC communicates with smart sockets that measure the immediate current, without human intervention. Generally we also use the term OPEN API for this.
In FactoryTalk DataMosaix, identities are managed as:
- Machine to Machine identities
  - Applications
  - Extractors
- User identities
NOTE: Auth0 is the identity provider. Auth0 authenticates the identity (user/M2M) and has no knowledge of the identity's role/group membership at this stage. However, after successful authentication, Auth0 can perform an action that:
- Calls a DataMosaix endpoint that asks for the role/group membership of the identity:
  - User => GET /api/v1/users/{uid}/claims
  - M2M => GET /api/v1/machine/{uid}/claims
- Injects the role/group claims into the identity token.
Every FactoryTalk DataMosaix REST endpoint defines which role is authorized to call it, so an identity must be a member of that role to call the endpoint successfully. These roles are defined independently for each CDF project/tenant (the role name is identical, but the role ID is different and unique). In other words, the 'Project Admin' role has the same name in Project A and Project B, but the role IDs are different. The token lists the role IDs, not the role names.
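The following added example (not DataMosaix or Auth0 code) simulates the flow described above: the post-authentication action picks the user or M2M claims endpoint, injects the returned role IDs into the token, and an endpoint check then compares role IDs per project with deny-by-default. Assumptions: the claim key, role IDs, project names, the `Viewer` role, the `/api/v1/example/{id}` endpoint and the in-memory claims responses are all constructed for illustration, and the token is taken to be already validated (signature, issuer, audience, expiry).

```python
# Constructed sample data: role names repeat across projects, role IDs do not.
PROJECT_ROLES = {
    "project-a": {"Project Admin": "role-a-1001", "Viewer": "role-a-1002"},
    "project-b": {"Project Admin": "role-b-2001", "Viewer": "role-b-2002"},
}
# Constructed in-memory stand-in for the responses of the two claims endpoints.
CLAIMS_RESPONSES = {
    "/api/v1/users/u-alice/claims": ["role-a-1001", "role-b-2002"],
    "/api/v1/machine/m-extractor/claims": ["role-b-2001"],
}
# Hypothetical endpoint policy: (method, path template) -> required role name.
ENDPOINT_POLICY = {
    ("GET", "/api/v1/example/{id}"): "Viewer",
    ("DELETE", "/api/v1/example/{id}"): "Project Admin",
}
CLAIM_KEY = "example_role_ids"  # hypothetical claim name, not taken from the product


def claims_path(kind, uid):
    """Return the claims endpoint the page lists for a user or M2M identity."""
    templates = {"user": "/api/v1/users/{uid}/claims",
                 "m2m": "/api/v1/machine/{uid}/claims"}
    return templates[kind].format(uid=uid)


def post_login_action(kind, uid):
    """Simulate the post-authentication action: fetch role IDs, inject them."""
    role_ids = CLAIMS_RESPONSES.get(claims_path(kind, uid), [])
    return {"sub": uid, CLAIM_KEY: list(role_ids)}


def _matches(template, path):
    """Match a path against a template whose {name} segments are wildcards."""
    t, p = template.split("/"), path.split("/")
    return len(t) == len(p) and all(
        a == b or (a.startswith("{") and b != "") for a, b in zip(t, p))


def authorize(token, project, method, path):
    """Deny by default; compare the project's role ID, never the role name."""
    for (m, template), role_name in ENDPOINT_POLICY.items():
        if m == method and _matches(template, path):
            required = PROJECT_ROLES.get(project, {}).get(role_name)
            return required is not None and required in token.get(CLAIM_KEY, [])
    return False
```

An identity holding the 'Project Admin' role ID of one project is rejected in the other project, because the check resolves the role name to that project's own ID before comparing.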