Dropdown list to select the Identity Provider that controls access to the Gateway's web configuration interface and the Designer (only when the Designer Authentication Strategy is set to Identity Provider).
When enabled, Ignition will always ask the IdP to re-authenticate the user by default. This effectively disables Single Sign-On.
This field is required.
Designer Authentication Strategy
Controls how the Designer authenticates users. Options are Classic or IdentityProvider.
Classic: The Classic strategy requires the user to enter their username and password in an embedded login form in the Designer. Classic authentication is performed against the System User Source.
Identity Provider: The Identity Provider strategy redirects the user to their IdP in their web browser in order to authenticate. The System Identity Provider setting controls which Identity Provider the user is redirected to. Required.
This field is required. Additional options on this screen will change depending on the Designer Authentication Strategy that is selected here.
Designer Auth Token Inactivity Timeout
The following feature is new in Ignition version 8.1.24 Click here to check out the other new features
The number of minutes which must elapse before expiring a designer user's auth token due to inactivity caused by a disconnected session. Must be greater than zero. Default value is 10.
Designer Auth Token Time-To-Live
The following feature is new in Ignition version 8.1.24 Click here to check out the other new features
(Identity Provider strategy only) The maximum number of minutes a designer user's auth token may exist before it expires. If set to any number less than or equal to zero, auth tokens may live forever, as long as the auth token has not expired due to inactivity.
Designer Permissions
Users must belong to all of these security levels in order to login to the Designer.
Users must belong to at least one of these security levels in order to login to the Designer.
Caution: Empty value in this field means "Public" security level: Access will be unrestricted.
Create Project Permissions
Users must belong to at least one of these security levels in order to create a new Designer project.
Caution: Empty value in this field means "Public" security level: Access will be unrestricted.
System User Source
This user source controls access to the Designer. This field is required.
Designer Role(s)
Users must belong to at least one of these roles in order to log into the Designer. Multiple roles can be specified by separating them with commas, for example:Administrator, Operator.
Create Project Role(s)
Users must belong to at least one of these roles in order to create a new Designer project. Multiple roles can be specified by separating them with commas, for example:Administrator, Operator.
Gateway Config Permissions
Users must belong to all of these security levels in order to login to the configuration section.
Multiple security level paths can be specified by separating them with commas.For example, Authenticated/Roles/Administrator, SecurityZones/localhost
Caution: Empty value in this field means "Public" security level: Access will be unrestricted.
Status Page Permissions
Multiple security level paths can be specified by separating them with commas, for example: Authenticated/Roles/Administrator, SecurityZones/localhost.
Caution: Empty value in this field means "Public" security level: Access will be unrestricted.
Home Page Permissions
Multiple security level paths can be specified by separating them with commas, for example: Authenticated/Roles/Administrator, SecurityZones/localhost.
Caution: Empty value in this field means "Public" security level: Access will be unrestricted.
User Inactivity Timeout
The following feature is new in Ignition version 8.1.1 Click here to check out the other new features
The number of minutes which must elapse before expiring a user's gateway web interface session to inactivity. Sessions will not timeout if set to any number less than or equal to zero.
Allow User Admin
Allows the administration of the gateway's system user source from the Designer and client. Unless this is enabled, the Vision module's 'User Management Component' will be prevented from altering the gateway's system user source and scripts will not be able to alter users or roles. (Default is false.)
Allow Designer SSO
Allows single-sign-on authentication for logging into the Designer if the System User Source supports it. The Designer SSO capability is only available when the Designer Authentication Strategy is set to Classic. (Default is false.)
Gateway Audit Profile
Dropdown list to select the The name of the audit profile that Gateway-scoped actions will log to.
