Configure Data Archive server access permissions
- Last UpdatedFeb 14, 2024
- 2 minute read
Note: This section only applies if installing in an environment whose end users only use OpenID Connect authentication and you selected the authentication option Use OpenID Connect with Process Identity Client ID for the PI Vision Connection to PI Data Archive and AF Servers. (This is the only valid selection if your PI Vision server is not installed on a domain.) Otherwise, proceed to Configure security.
The Process Identity Client requires read access to data security and point security on each Data Archive server that is available to AVEVA PI Vision users.
You define Data Archive server access permissions for a PI identity (or PI user or PI group).
PI identities link Data Archive authentication and Data Archive authorization (access permissions). Each PI identity has a set of access permissions on the Data Archive server. For example, one PI identity might be allowed to create points, while another PI identity might be allowed to read point data but not create points.
Note: For more information about PI point security, see the PI Server topic Manage PI identities in SMT.
On each Data Archive server that you plan to access through AVEVA PI Vision, follow these steps:
-
Identify an existing PI identity that has the required access permissions.
(Since read access to each PI point is required, it is easiest to use an existing PI identity that already has that access.) If you do not have an existing PI identity, see Create a PI identity.
-
If you created a new PI identity for AVEVA PI Vision, then you need to grant the PI identity read access to the PI points.