On the haul-off authentication via user name and password is commonly used.

For the users and roles of the connection the following applies:

  • User names can be manufacturer dependent.
  • Standard roles are
  • “OPC40084”: read and write access for selected parameters
  • “OPC40084_read_only”: no writing permissions
  • Manufactures can add additional roles. They may not start with “OPC40084”. For these roles, more parameters can be writeable than for the OPC40084 role.
  • The standard user “OPC40084” has the role “OPC40084” (and no other additional role), “OPC4004_read_only” has the roll “OPC40084_read_only” (and no other additional role); the passwords for the standard users are defined by the manufacturers (they may be empty).

NOTE: OPC UA also allow an anonymous-token (e.g. for testing)