UA Part 3: Address Space Model - 4.9.2 Well Known Roles

The NodeIds for the well-known Roles are defined in OPC 10000-6. All Servers should support the well-known Roles which are defined in Table 2.

Table 2 – Well-Known Roles

BrowseName	Suggested Permissions
Anonymous	The Role is allowed to browse and read non-security related Nodes only in the Server Object and all type Nodes.
AuthenticatedUser	The Role is allowed to browse and read non-security related Nodes.
Observer	The Role is allowed to browse, read live data, read historical data/events or subscribe to data/events.
Operator	The Role is allowed to browse, read live data, read historical data/events or subscribe to data/events. In addition, the Session is allowed to write some live data and call some Methods.
Engineer	The Role is allowed to browse, read/write configuration data, read historical data/events, call Methods or subscribe to data/events.
Supervisor	The Role is allowed to browse, read live data, read historical data/events, call Methods or subscribe to data/events.
ConfigureAdmin	The Role is allowed to change the non-security related configuration settings.
SecurityAdmin	The Role is allowed to change security related settings.