-
Identity Overview (version 26)
The Identity service is used for three main purposes: Authenticating users that connect using Canary’s client tools Authorizing other Canary services Managing API Tokens Authenticating Users The…
-
Identity Tile (version 26)
Total Users – total number of internal Canary users created within the Identity service Active Users – total number of Canary users who are currently logged in to a Canary application (Canary Admin,…
-
Identity Architectures (version 26)
When installing the Canary system, it is important to determine where the Identity service will be located as other Canary services must connect to it when authenticating and authorizing users.…
-
How to Create an API Token (version 26)
API tokens are used for several purposes within the Canary system. Reading data from the Historian using the Read API Writing data to the Historian using the Write API Writing data to the Historian…
-
Using API Tokens (version 26)
API tokens are used extensively throughout the Canary system for authenticating users and remote Canary services. Tokens are mapped to an internal Canary user which, in turn,…
-
Tag Security (version 26)
Tag Security is used for restricting who can read and/or write to the Historian. When enabled, Canary users/groups must be given proper permissions within the Identity service.…
-
How to Add an OpenID Connect Identity Provider (version 26)
By default, Canary uses Windows AD for user authentication; however, Canary also supports OAuth 2.0/OpenID Connect. This gives end users alternative options for signing into Canary's application…
-
How to Configure Kerberos Authentication in Edge, Chrome, and Firefox (version 26)
If wishing to enable Kerberos within the Identity service, the following configuration changes may be needed depending on the browser you are using. Edge Install the Edge administrative template .…
-
Kerberos Authentication Limitation (version 26)
Kerberos does not work when connecting to Identity from the local server using a FQDN When a client on the Identity server connects to Identity using a FQDN and attempts to authenticate with Kerberos,…
-
How to Change the Identity REST API Port (version 26)
By default, the Identity service is set to listen on 55353 for inbound client applications (e.g. Axiom, Excel Add-in, and Admin) trying to authenticate.…
-
Identity Provider Routing (version 26)
Identity Provider Routing is used to control which identity providers (e.g. Active Directory, Anonymous, OpenId Connect provider, etc.) are available to end-users logging in based upon their IP…
Welcome to the community!