This ObjectType is the TypeDefinition for an Object that allows access to an AuthorizationService. It is defined in Table 103.
Table 103 – AuthorizationServiceType Definition
|
Attribute |
Value |
||||
|
BrowseName |
2:AuthorizationServiceType |
||||
|
IsAbstract |
False |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
Modelling Rule |
|
Subtype of the BaseObjectType defined in OPC 10000-5. |
|||||
|
0:HasProperty |
Variable |
2:ServiceUri |
0:String |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
2:ServiceCertificate |
0:ByteString |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
2:UserTokenPolicies |
0:UserTokenPolicy [] |
0:PropertyType |
Optional |
|
0:HasComponent |
Method |
2:GetServiceDescription |
Defined in 9.6.6. |
Mandatory |
|
|
0:HasComponent |
Method |
2:RequestAccessToken |
Defined in 9.6.5. |
Optional |
|
|
|
|||||
|
Conformance Units |
|||||
|
GDS Authorization Service Server |
|||||
The ServiceUri is a globally unique identifier that allows a Client to correlate an instance of AuthorizationServiceType with instances of AuthorizationServiceConfigurationType (see 9.7.4).
The ServiceCertificate is the Certificate required to check any Signature that is included with the Access Tokens. The ServiceCertificate may be a complete chain (see OPC 10000-6 for information on encoding chains).
The UserTokenPolicies Property specifies the UserIdentityTokens which are accepted by the RequestAccessToken Method.
The GetServiceDescription Method is used read the metadata needed to request Access Tokens.
The RequestAccessToken Method is used to request an Access Token from the AuthorizationService.