7 Common parameter type definitions ToC Previous Next

7.37 UserTokenPolicy ToC Previous Next

The components of this parameter are defined in Table 190.

Table 190 – UserTokenPolicy

Name Type Description
UserTokenPolicy structure Specifies a UserIdentityToken that a Server will accept.
   policyId String An identifier for the UserTokenPolicy assigned by the Server.
The Client specifies this value when it constructs a UserIdentityToken that conforms to the policy.
This value is only unique within the context of a single Server.
   tokenType Enum
User TokenType
The type of user identity token required.
This value is an enumeration with one of the following values:
   ANONYMOUS_0 No token is required.
   USERNAME_1 A username/password token.
   CERTIFICATE_2 An X.509 v3 Certificate token.
   ISSUEDTOKEN_3 Any token issued by an Authorization Service.
A tokenType of ANONYMOUS indicates that the Server does not require any user identification. In this case, the Client Application Instance Certificate is used as the user identification.
   issuedTokenType String A URI for the type of token.
OPC 10000-6 defines URIs for common issued token types.
Vendors may specify their own token types.
This field may only be specified if TokenType is ISSUEDTOKEN_3.
   issuerEndpointUrl String An optional string which depends on the Authorization Service.
The meaning of this value depends on the issuedTokenType. Further details for the different token types are defined in OPC 10000-6.
For Kerberos this string is the name of the Service Principal Name (SPN).
For JWTs this is a JSON object with fields defined in OPC 10000-6.
   securityPolicyUri String The security policy to use when encrypting or signing the UserIdentityToken when it is passed to the Server in the ActivateSession request. Clause 7.36 describes how this parameter is used.
The security policy for the SecureChannel is used if this value is null or empty.

Previous Next