Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ System Platform

Recommended SMS architecture using an authentication provider

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
TABLE OF CONTENTS

Recommended SMS architecture using an authentication provider

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedAug 12, 2025
  • 2 minute read

This system design contains a minimum of three nodes for user authentication, and provides the highest level of robustness and redundancy. It is also the most architecturally complex. Use the System Platform Configurator to configure the System Management Server.

Node 1 - standalone SMS

Configure the System Management Server on the license server or System Monitor server.

  • On the System Management Server tab of the Configurator, select the option "This machine is the System Management Server."

  • On the Authentication Provider tab:

    • Select the checkbox to "Configure this machine to provide SSO via an external Authentication Provider."

    • Configure the token host.

      Note: This node is not deployable since it does not contain a WinPlatform object. As a result, it may not be reachable by other nodes under certain circumstances. Therefore, Redundant SSO nodes are required.

Node 2 - redundant SSO node on the GR

Configure the GR node or other deployable node, such as an IDE node, as a Redundant SSO node.

  • On the System Management Server tab of the Configurator, select the option "Connect to an existing System Management Server."

    • Select node 1 as the existing SMS node.

    • Select the checkbox "Configure this machine as a Redundant SSO Server."

  • On the Authentication Provider tab:

    • Select the checkbox to "Configure this machine to provide SSO via an external Authentication Provider."

    • Configure the token host.

Node 2 is now now configured to provide user authentication via the SSO provider in the event node 1 is unreachable.

Node 3 - second redundant SSO Node on a deployed platform

Configure an IDE node or other deployable node, such as an Application Object Server node, as a second Redundant SSO node.

  • On the System Management Server tab of the Configurator, select the option "Connect to an existing System Management Server."

    • Select node 1 as the existing SMS node.

    • Select the checkbox "Configure this machine as a Redundant SSO Server."

  • On the Authentication Provider tab:

    • Select the checkbox to "Configure this machine to provide SSO via an external Authentication Provider."

    • Configure the token host.

Node 3 is now now configured as a second redundant authentication provider.

Node 4 though n

  • On the System Management Server tab of the Configurator, select the option "Connect to an existing System Management Server."

    • Select node 1 as the existing SMS node.

    • For the option to configure the node as a Redundant SSO Server, leave the checkbox unchecked.

  • On the Authentication Provider tab:

    • Select the checkbox to "Configure this machine to provide SSO via an external Authentication Provider."

      Note: Since this node is not a redundant authentication provider, the fields to configure a token host are not shown.

In This Topic
TitleResults for “How to create a CRG?”Also Available in