Configure SDK authentication protocols in SMT

When a PI SDK application attempts to connect to the Data Archive server, it tries all available authentication methods until it succeeds. You can configure the order in which it tries the authentication methods. The possible methods are:

• Windows Security. We recommend you use this method wherever possible.

  If a valid PI mapping exists for the Windows user (or for any group to which the user belongs) then the user is authenticated as the PI identity, PI user, or PI group defined for that mapping.

• PI Trust.

  If the connection request matches an existing PI trust, then the user is authenticated as the PI identity, PI user, or PI group defined for that trust.

• A default PI user account. We do not recommend this method.

The first method that succeeds defines the access permissions granted to the connecting application. After an authentication method succeeds, no other methods are tried. By default the SDK (1.3.6 and later) tries to authenticate first through Windows.

You can use PI SMT to configure the methods the SDK tries first:

1. Select File > Connections to open PI Connection Manager.

2. Select Tools > Options to open the Connection Option dialog box.

3. Under Specify Authentication Procedure, specify which protocols to allow and in which order to try them in Protocol order.

   Note: You can also access PI Connection Manager from the About PI-SDK application. Select File > Connections.