8 KeyCredential Management ToC Previous Next

8.4 Information Model for Pull Management ToC Previous Next

8.4.3 KeyCredentialServiceType ToC Previous Next index

This ObjectType is the TypeDefinition for an Object that allows the management of KeyCredentials. It is defined in Table 47.

Table 47 – KeyCredentialServiceType Definition

Attribute Value
BrowseName KeyCredentialServiceType
Namespace GDS (see 3.3)
IsAbstract False

Subtype of the BaseObjectType defined in OPC 10000-5.

References NodeClass BrowseName DataType TypeDefinition Modelling Rule
HasProperty Variable ResourceUri String PropertyType Mandatory
HasProperty Variable ProfileUris String[] PropertyType Mandatory
HasComponent Method StartRequest   Defined in 8.4.4. Mandatory
HasComponent Method FinishRequest   Defined in 8.4.5. Mandatory
HasComponent Method Revoke   Defined in 8.4.6. Optional

The ResourceUri Property uniquely identifies the resource that accepts the KeyCredentials provided by the KeyCredentialService Object.

The ProfileUris Property specifies URIs assigned in OPC 10000-7 to the authentication mechanism used to communicate with the resource that accepts KeyCredentials provided by the Object. For example, it could specify that the resource returns JWTs using OAuth2 HTTP based APIs. As another example, it could specify an MQTT broker that expects a username/password.

The StartRequest Method is used to initiate a request for new KeyCredentials for an application. This request may complete immediately or it can require offline approval by an administrator.

The FinishRequest Method is used to complete a request created by calling StartRequest . If the KeyCredential is available it is returned. If request is not yet completed it returns Bad_NothingToDo.

The Revoke Method is used to revoke a previously issued KeyCredential.

Previous Next