This type is used to serialize the AuthorizationService configuration. It is defined in Table 153.
This type is used as part of the ApplicationConfigurationDataType defined in 7.10.19 which allows multiple of AuthorizationServices in a Server to be updated at once.
The Name of the record is the name portion of the BrowseName of the associated AuthorizationServiceConfiguration Object in the AddressSpace.
If multiple ServiceCertificates are specified the first entry in the list is exposed with the ServerCertificate Property on the AuthorizationServiceConfiguration Obect.
Note that when a new AuthorizationServiceConfiguration is added, Clients need to browse the AuthorizationServices folder to discover the NodeId assigned by the Server that is needed for Certificate Management Methods.
Table 153 – AuthorizationServiceConfigurationDataType Structure
|
Name |
Type |
Description |
|
AuthorizationServiceConfigurationDataType |
Structure |
|
|
ServiceUri |
0:UriString |
A URI uniquely identifies the AuthorizationService. |
|
ServiceCertificate |
0:ByteString[] |
The CertificateChain needed to verify Access Tokens issued by the AuthorizationService. The Certificates appear in the array starting with the end-entity followed by its issuer. |
|
Certificate |
0:ByteString |
The Certificate needed to verify Access Tokens issued by the AuthorizationService. |
|
Issuers |
0:ByteString[] |
The Issuers needed to verify the Certificate. The Certificates appear in the array starting with the issuer of the Certificate. |
|
ValidFrom |
0:UtcTime |
When the Certificate may be used to verify AccessTokens. If null then the Certificate can be used any time after ValidFrom field within the Certificate. |
|
ValidTo |
0:UtcTime |
After this time, the Certificate may not be used to verify AccessTokens. If null there is no expiry time other than the ValidTo field within the Certificate. |
|
IssuerEndpointSettings |
0:String |
The AuthorizationService specific settings that Clients need to know before requesting Access Tokens from the AuthorizationService. The syntax depends on the AuthorizationService. |
Its representation in the AddressSpace is defined in Table 154.
Table 154 – AuthorizationServiceConfigurationDataType Definition
|
Attribute |
Value |
|||||
|
BrowseName |
0:AuthorizationServiceConfigurationDataType |
|||||
|
IsAbstract |
False |
|||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
Other |
|
|
Subtype of the 0:BaseConfigurationRecordDataType defined in 7.8.5.5. |
||||||
|
|
||||||
|
Conformance Units |
||||||
|
Authorization Service Configuration Server |
||||||