Configure OPC UA user authentication options for the connector for OPC UA

Important

Azure IoT Operations Preview – enabled by Azure Arc is currently in preview. You shouldn't use this preview software in production environments.

You'll need to deploy a new Azure IoT Operations installation when a generally available release becomes available. You won't be able to upgrade a preview installation.

For legal terms that apply to Azure features that are in beta, in preview, or otherwise not yet released into general availability, see the Supplemental Terms of Use for Microsoft Azure Previews.

In this article, you learn how to configure OPC UA user authentication options. These options provide more control over how the connector for OPC UA authenticates with OPC UA servers in your environment.

Currently, the connector for OPC UA supports user authentication with a username and password. You store and manage the username and password values in Azure Key Vault. Azure IoT Operations then synchronizes these values to your Kubernetes cluster where you can use them securely.

To learn more, see OPC UA applications - user authentication.

Prerequisites

A deployed instance of Azure IoT Operations Preview with Manage Synced Secrets enabled.

Features supported

Feature Supported
OPC UA user authentication with username and password.
OPC UA user authentication with an X.509 user certificate.

Configure username and password authentication

To configure the secrets for the username and password values in the operations experience web UI:

  1. Navigate to your list of asset endpoints:

    Screenshot that shows the list of asset endpoints.

  2. Select Create asset endpoint.

  3. Select Username password as the authentication mode:

    Screenshot that shows the username and password authentication mode selected.

  4. Enter a synced secret name and then select the username and password references from the linked Azure Key Vault:

    Screenshot that shows the username and password references from Azure Key Vault.

    Tip

    You have the option to create new secrets in Azure Key Vault if you haven't already added them.

  5. Select Apply.