This ObjectType is the TypeDefinition for an Object that allows the management of KeyCredentials. It is defined in Table 47.
Table 47 – KeyCredentialServiceType Definition
|
Attribute |
Value |
||||
|
BrowseName |
KeyCredentialServiceType |
||||
|
Namespace |
GDS (see 3.3) |
||||
|
IsAbstract |
False |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
Modelling Rule |
|
Subtype of the BaseObjectType defined in OPC 10000-5. |
|||||
|
HasProperty |
Variable |
ResourceUri |
String |
PropertyType |
Mandatory |
|
HasProperty |
Variable |
ProfileUris |
String[] |
PropertyType |
Mandatory |
|
HasComponent |
Method |
StartRequest |
|
Defined in 8.4.4. |
Mandatory |
|
HasComponent |
Method |
FinishRequest |
|
Defined in 8.4.5. |
Mandatory |
|
HasComponent |
Method |
Revoke |
|
Defined in 8.4.6. |
Optional |
The ResourceUri Property uniquely identifies the resource that accepts the KeyCredentials provided by the KeyCredentialService Object.
The ProfileUris Property specifies URIs assigned in OPC 10000-7 to the authentication mechanism used to communicate with the resource that accepts KeyCredentials provided by the Object. For example, it could specify that the resource returns JWTs using OAuth2 HTTP based APIs. As another example, it could specify an MQTT broker that expects a username/password.
The StartRequest Method is used to initiate a request for new KeyCredentials for an application. This request may complete immediately or it can require offline approval by an administrator.
The FinishRequest Method is used to complete a request created by calling StartRequest . If the KeyCredential is available it is returned. If request is not yet completed it returns Bad_NothingToDo.
The Revoke Method is used to revoke a previously issued KeyCredential.