Mastering Forge #16: Enabling Role-Based User Management

Welcome to the 16th tutorial in our Mastering Forge series.

In our previous article, Mastering Forge #15, we showed you how to update Forge and Forge’s license.

In this tutorial, we’ll learn about Forge’s role-based user management. We’ll also learn how to connect your Forge to your authentication service, such as LDAP.

If you prefer your tutorials in video format instead, you can watch our tutorial on Forge’s role-based user management on our YouTube channel.

During this tutorial, we’ll be using the following products:

Connect to LDAP

Forge enables integration with authentication services like LDAP, allowing you to leverage existing credentials. This simplifies your architecture by minimizing the need for additional user credential management.

1. Navigate to Advanced Menu > User Management > Providers and click + Add Provider.

2. Enter the details of your authentication provider and click Add.

Enable Role-Based User Management

Create user groups to manage and organize permissions. Assign users to these groups to ensure controlled access to your data. We’ll begin by restricting global permissions to ensure only users with the appropriate roles can access specific functionalities.

1. Navigate to Advanced Menu > User Management > Global Permissions.

2. Disable the permissions as shown in the figure. 

Global permissions are restricted by disabling some features.

3. Navigate to Advanced Menu > User Management > User Groups and click + Add Group.

4. Name the group “Operator” and enable the permissions shown in the following image. 

The Operator group is created, and the global permissions are overridden to enable more features for this group.

5. Next, we’ll create a user for the Operators group. Navigate to Advanced Menu > User Management > Users and click + Add User.

6. Select the group and enter the username of the LDAP user you wish to add. The user’s permissions will be inherited from the group’s assigned permissions.

An LDAP user is added to the Operators group.

7. You can also create a Local User by specifying a username and password. If the user is not assigned to any group, they will automatically inherit the global permissions.

8. You can now log out of Forge and log back in using a different user account.

The user settings menu is open and the logout button is indicated with a pink arrow.

9. These user credentials can also be used to log in with an OPC UA client, such as Prosys OPC UA Browser.
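
The inheritance rules from steps 6 and 7 can be checked offline during an access review. The following is an added example, not code from Prosys or from Forge: the permission names, the sample users and the data layout are hypothetical, and it assumes that a group's permissions replace the global ones for its members.

```python
# Constructed sample data. Permission names, users and this dict layout are
# hypothetical; they are not Forge's real permission list or an export format.
GLOBAL_PERMISSIONS = {"browse": True, "read": True, "write": False, "configure": False}
GROUPS = {"Operator": {"browse": True, "read": True, "write": True, "configure": False}}
USERS = [
    {"name": "alice", "source": "ldap", "group": "Operator"},
    {"name": "bob", "source": "local", "group": None},  # no group assigned
]
SENSITIVE = {"write", "configure"}


def effective_permissions(user, groups, global_permissions):
    """Assumed model: group members get the group's permissions; a user
    without a group falls back to the global permissions (step 7)."""
    group = user.get("group")
    if group is None:
        return dict(global_permissions)
    if group not in groups:
        raise KeyError(f"user {user['name']!r} references unknown group {group!r}")
    return dict(groups[group])


def audit(users, groups, global_permissions):
    """Map each user to the permissions they hold and whether those
    permissions come from the global fallback."""
    report = {}
    for user in users:
        perms = effective_permissions(user, groups, global_permissions)
        report[user["name"]] = {
            "granted": sorted(p for p, on in perms.items() if on),
            "fallback": user.get("group") is None,
        }
    return report


def exposed_to_ungrouped(users, global_permissions, sensitive):
    """Sensitive permissions that ungrouped users receive through the global
    settings. An empty result means the global baseline is restrictive."""
    open_globals = sorted(p for p in sensitive if global_permissions.get(p))
    if not open_globals:
        return {}
    return {u["name"]: open_globals for u in users if u.get("group") is None}


if __name__ == "__main__":
    for name, entry in audit(USERS, GROUPS, GLOBAL_PERMISSIONS).items():
        print(name, entry)
    print("exposed:", exposed_to_ungrouped(USERS, GLOBAL_PERMISSIONS, SENSITIVE))
```

A non-empty result from exposed_to_ungrouped means that a user created without a group would receive a sensitive permission through the global settings.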

Next Steps

This wraps up the 16th article of the Mastering Forge series. Here’s a recap of what we did in this tutorial:

  1. We connected Forge to LDAP.
  2. We created a User Group to manage permissions.
  3. We set up a user with restricted access.

In the next article, Mastering Forge #17, we’ll explore the Event Mapper feature, which allows you to access data from OPC UA events.

If you want to learn more about Forge and its capabilities, you can request a detailed introduction by emailing sales@prosysopc.com or using our contact form. We’d be delighted to provide tailored information about Forge that aligns with your interests and requirements.

Iivo Yrjölä

Customer Integration & Support, Prosys OPC

Email: iivo.yrjola@prosysopc.com
