Recommended to be used to show implicit knowledge that a OPC UA server supports multiple endpoints with different configuration for the security mode (e.g., None, Sign, or SignAndEncrypt), security policy (e.g., Basic256Sha256, Aes256_Sha256_RsaPss), and supported user identity tokens (e.g., Anonymous, UserName, Certificate).

This reflects the default use case of an OPC UA Client-Server interaction during the OPC UA Session Establishment phase. The client must execute the OPC UA GetEndpoints service in order to select the desired (secured) endpoint to open the session with the OPC UA server. To indicate this, in the WoT Thing Description, the AutoSecurityScheme should be used with the term auto (i.e., "scheme": "auto").

Please note that login credentials such as passwords or certificates are not shared in WoT Thing Descriptions and must be provided separately, e.g., through a separate credential store or by an explicit prompt to the client to enter the credentials for the session.