This ObjectType is the TypeDefinition for an Object that allows access to an AuthorizationService. It is defined in Table 146.
Table 146 – AuthorizationServiceType Definition
|
Attribute |
Value |
||||
|
BrowseName |
2:AuthorizationServiceType |
||||
|
IsAbstract |
False |
||||
|
References |
NodeClass |
BrowseName |
DataType |
TypeDefinition |
Modelling Rule |
|
Subtype of the BaseObjectType defined in OPC 10000-5. |
|||||
|
0:HasProperty |
Variable |
2:ServiceUri |
0:String |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
2:ServiceCertificate |
0:ByteString |
0:PropertyType |
Mandatory |
|
0:HasProperty |
Variable |
2:UserTokenPolicies |
0:UserTokenPolicy [] |
0:PropertyType |
Optional |
|
0:HasComponent |
Method |
2:GetServiceDescription |
Defined in 0. |
Mandatory |
|
|
0:HasComponent |
Method |
2:RequestAccessToken |
Defined in 9.6.5. |
Optional |
|
|
|
|||||
|
Conformance Units |
|||||
|
GDS Authorization Service Server |
|||||
The ServiceUri is a globally unique identifier that allows a Client to correlate an instance of AuthorizationServiceType with instances of AuthorizationServiceConfigurationType (see 9.7.4).
The ServiceCertificate is the Certificate required to check any Signature that is included with the AccessTokens. The ServiceCertificate may be a complete chain (see OPC 10000-6 for information on encoding chains).
The UserTokenPolicies Property specifies the UserIdentityTokens which are accepted by the RequestAccessToken Method.
The GetServiceDescription Method is used to read the metadata used to request AccessTokens.
The RequestAccessToken Method is used to request an AccessToken from the AuthorizationService.