Configuring the server to support an OPC UA client user

OPC UA clients require you to configure an authentication scheme. This scheme assures that the identity of each user can be verified. It may use roles to limit user access to only certain areas. The scheme authenticates the user when he or she enters a username and password, which are already configured for the user.

  • You are connected to a running station that is configured with the OpcUaServer.

  • The opcUaServer palette is open.

Note: When making any server-side changes, you must first disable and then re-enable the server.
  1. In the Nav tree, expand Config > Drivers, right-click OpcUaServer and click Views > AX Property Sheet.
    The server’s AX Property Sheet opens.
  2. Under the Enabled property, click the drop-down list and click false.
    The driver disables the OpcUaServer.
  3. In the Nav tree, expand Config > Services > AuthenticationService.


  4. Drag the OpcUaAuthenticationScheme component from the opcUaServer palette to the station’s Authentication Schemes subfolder.
  5. Expand Config > Services and double-click UserService.
    The User Manager opens.
  6. To add a single new user, click New and click OK.
    A second New window opens.
  7. Configure these properties and click Ok.:

    • For Name enter the user’s name.

    • For Authentication Scheme Name, select a scheme from the drop-down list.

    • For Password, create a strong password and enter it a second time in the Confirm property.

    A strong password requires at least ten characters, plus at least one of each of the following characters: lowercase, uppercase, and a digit.

  8. If you use the same default password for all new users set the Force Reset At Next Login value to true.
  9. To enable the server, expand Config > Drivers, right-click OpcUaServer and click Views > AX Property Sheet.
    The AX Property Sheet opens.
  10. Set Enabled to true and click Save.
    The server is ready to support an OPC UA client user.