Configuration

The basic settings for the server extension are specified in the General tab.

Default groups

Converts claim data to user groups. If a user on the OAuth server contains certain claims, these can be evaluated and assigned to a user group from the TwinCAT HMI accordingly.

Activate test mode (Advanced settings)

In test mode, the claims received during login are written to the TcHmi log. This can be used to check the claims. This option should not be set on a productive system.

Validation OAuth 2.0 in the server (TcHmiSrv > Security > OAuth 2.0 authorization configurations)

Use by default for OAuth authorization

Authentication extension domain

Links the set OAuth certification with a server extension. The server extension can then perform functions such as automatic mapping of users.

OAuth authorization endpoint

OAuth Token Endpoint

JSON Web Key Set Endpoint

OAuth Endpoint to end the session

Application or client ID

Secret client key

Response type

Scope

Describes the scope being used.
"microprofile-jwt" is required for the TwinCAT HMI with OAuth 2.0.

Domain note

Request

Domain note

Specifies the name of the domain being used. This information skips the e-mail-based determination.

Use verification of the certificate chain

CA certificate

If the standard certificate store is not to be used, the certificate can be stored here directly on the HMI server.

Further Information