Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ Operations Management Interface

Use Azure Active Directory credentials for verified write authentication

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
TABLE OF CONTENTS

Use Azure Active Directory credentials for verified write authentication

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedJul 17, 2024
  • 2 minute read

When security is configured with Azure AD as an authentication provider, users can use their Azure AD credentials to authenticate verified write operations. For general information about verified writes, see Working with the SignedWrite() function for secured and verified writes.

Two users with valid Azure AD permissions are required to write to a verified-write attribute.

An authentication dialog opens when you attempt to write to a Verified-Write attribute.

Azure AD: Verified Write Dialog

To use Azure Active Directory credentials for Verified Write authentication

  1. User 1 clicks the Authenticate button in the authentication dialog. The AVEVA Identity Manager window opens.

    Identity Manager sign on using ADO active directory

  2. User 1 selects the Azure Active Directory button. This launches Azure AD log-in screen.

    Note: Windows Integrated Login is not supported in Controlled Release 2.

  3. User 1 enters their credentials and follows the on-screen instructions.

  4. The verified write operation can proceed to the next phase if:

    • User 1 has at least one security role assigned.

    • User 1 group memberships for Azure AD must be valid.

    • User 1 has at least one role assigned that allows them to write to attributes.

  5. When User 1 is successfully authenticated, the second Authenticate button in the Verified Write dialog is enabled.

  6. User 2 clicks the enabled Authenticate button. The AVEVA Identity Manager window opens.

  7. User 2 selects the Azure Active Directory button. This launches Azure AD log-in screen.

    Note: Windows Integrated Login is not supported in Controlled Release 2.

  8. User 2 enters their credentials and follows the on-screen instructions.

  9. The verified write operation can proceed to the verification phase if:

    • User 2 has at least one security role assigned.

    • User 2 group memberships for Azure AD must be valid.

    • User 2 has at least one role assigned that allows them to verify attributes.

    When User 2 is successfully authenticated, they can add comments in the authentication dialog. User 2 selects Set to verify the attribute changes.

    If verification is attempted using the same credentials as user 1, the following error is displayed:

    Operator and Verifier have to be two different users

    Authentication fails if the group was not added for the user's role, and the following error is displayed:

The login attempt failed.

The user must have at least one role assigned to it to be able to log in.

TitleResults for “How to create a CRG?”Also Available in