-
Identity Overview (version 24)
The Identity service is used for three main purposes: Authenticating users that connect using Canary’s client tools Authorizing other Canary services Managing API Tokens Authenticating Users The…
-
Identity Tile (version 24)
Total Users – total number of “Canary” users created within the Identity service Active Users – total number of Canary users who are currently logged in to a Canary application (Canary Admin, Axiom,…
-
Identity Architectures (version 24)
When installing the Canary system, it is important to determine where the Identity service will be located as other Canary services must connect to it when authenticating and authorizing users.…
-
How to Add an OpenID Connect Identity Provider (version 24)
By default, Canary uses Windows AD for user authentication; however, starting in v24, Canary also supports OAuth 2.0/OpenID Connect. This gives end users alternate options for signing into Canary's…
-
How to Create an API Token (version 24)
API tokens are used for several purposes within the Canary system. Reading data from the Historian using the Read API Writing data to the Historian using the Write API Writing data to the Historian…
-
Tag Security (version 24)
Tag Security is used for restricting who can read and/or write to the Historian. When enabled, Canary users/groups must be given proper permissions within the Identity service.…
-
Kerberos Authentication Limitation (version 24)
Kerberos does not work when connecting to Identity from the local server using a FQDN When a client on the Identity server connects to Identity using a FQDN and attempts to authenticate with Kerberos,…
-
How to Configure Kerberos Authentication in Edge, Chrome, and Firefox (version 24)
If wishing to enable Kerberos within the Identity service, the following configuration changes may be needed depending on the browser you are using. Edge Install the Edge administrative template .…
-
How to Change the Identity REST API Port (version 24)
By default, the Identity service is set to listen on 55353 for inbound client applications (e.g. Axiom, Excel Add-in, and Admin) trying to authenticate.…