OPC UA does not specify how user or Client Authorizationis to be provided. OPC UA Applicationsthat are part of a larger industrial automation product may manage Authorizationsconsistent with the Authorizationmanagement of that product. Identification and Authenticationof users is specified in OPC UA so that Clientand Serverapplications can recognize the user in order to determine the Authorizationlevel of the user.

OPC UA Serversrespond with the Bad_UserAccessDeniederror code to indicate an Authorization or Authenticationerror as specified in the status codes defined in OPC 10000-4.

In PubSubinteractions user Authorizationcan be used as part of the key distribution (SKS). This allows the Publisherand SKS to restrict access to specific users