You're currently browsing the Ignition 8.0 docs. Click here to view the latest docs.


Tag security is often the best way to configure security for data access. By defining security on a Tag, you affect the Tag across wherever it is used, as opposed to configuring component security on each component that displays or controls that Tag.

Prior to release 8.0.12, users with specific roles and zones can be given read/write access to a Tag, while other users with other roles are excluded from modifying the Tag. Tags can be given read only permission or read/write permission for all users. 

The following feature is new in Ignition version 8.0.13
Click here to check out the other new features
As of release 8.0.13, Tag security has three options: 

  • Read Permissions: Defines the security levels required in order to read values from a Tag

  • Read Only: Defines whether a Tag is read-only or writable

  • Write Permissions: Defines the security levels required in order to write values to a Tag

Users with specific roles and zones can be given read/write access to a Tag, while other users with other roles are excluded from modifying the Tag.

If a user opens a Perspective view or a Vision client window that has components that are bound to a Tag they do not have permissions for, the user will see a forbidden overlay on top of the component. For more information, see Tag Quality and Overlays.

On this page ...


IULocgo

Tag Security

Read Only Security

When a Tag is set to read only, a Lock  icon is displayed next to the Tag in the Tag Browser. 



Tag Security Prior to Release 8.0.13

These sections provide information on how Tag Security functions in release 8.0.12 and earlier.

Tag Read/Write Security

By default, Tags have read/write security. You can change it to read only security using the Tag Browser in the Designer. 

  1. In the Tag Browser, right-click on the Tag, and select the Edit Tag  icon
  2. Scroll down to the Security section. Use the dropdown list to choose Read Only.



  3. Click OK to close the Tag Editor.  

Tag Custom Security

You can configure custom security on individual Tags, giving access to only certain users with only certain roles or in certain zones.  

  1. In the Tag Browser, right-click on the Tag, and select the Edit Tag  icon. This opens the Tag Editor.
  2. In the Tag Editor, scroll down to the Security section. Use the dropdown list to choose Custom


     
  3. The Custom Permissions option will now appear under Security. By default, it is set to "No Rules." Click on the Edit  icon to set up permissions.



  4. You can now give specific roles permission to edit the Tag. In the Role field, enter the name of the role. In the Zone field, enter a zone if you want to limit access to a zone as well.
  5. Click Add. Repeat for any more roles and zones you want to add.
  6. Click Commit.



  7. Click OK to close the Tag Editor.



The following feature is new in Ignition version 8.0.13
Click here to check out the other new features

Tag Security after Release 8.0.13 

Tag Security has been significantly updated in release 8.0.13. Tag Security now used Security Levels for all Tags, not just in Perspective. Instead of Read/Write and Custom permissions, there are now just Read Permissions and Write Permissions, both of which use security levels. You no longer have to type out role names or security zones. The checkbox tree you are presented with will show you all of the security levels configured in the Gateway Config > Security > Security Levels page.

Read Permissions

Read permissions define the security levels required in order to read values from a Tag. By default, Tags have Read Permissions set to "Public".   You can change the Read security using the Tag Browser in the Designer. 

  1. In the Tag Browser, right-click on the Tag, and select the Edit Tag  icon
  2. Scroll down to the Security section. In the Read Permissions section, click the  Edit  icon.



  3. On the screen, choose the security levels you want to have Read permissions for this Tag. In this example, only users with role of Driver will be able to see the Tag value.



  4. Click Commit to accept the settings. 
  5. Click OK to save the changes to the Tag.
  6. If you are logged in as a user other than Driver, you will now see the  icon instead of the Tag's value. 



Write Permissions

Write permissions define the security levels required in order to read values from a Tag.  By default, Tags have Write Permissions set to "Public".   You can change the Write security using the Tag Browser in the Designer. 

  1. In the Tag Browser, right-click on the Tag, and select the Edit Tag  icon

  2. Scroll down to the Security section. In the Write Permissions section, click the Edit  icon.

  3. On the screen, choose the security levels you want to have write permissions for this Tag. In this example, only users with role of Administrator will be able to write to the Tag value.

Migrating Tag Security from Earlier Versions of Ignition 

Any existing Tag Security will be migrated to the functional equivalent in the new model on upgrade. This also applies to Tag imports from previous versions.




  • No labels