IAM - Overview¶

The Identity and Access Management (IAM) system on the ie device offers essential features for managing users, roles, groups, permissions, service-to-service authentication, authorization, and gateway access. Additionally, it can be connected to the IAM of the Industrial Edge Management (IEM) for extended capabilities.

Authentication¶

The IAM on the IE device is responsible for uniquely identifying and authenticating all human users. Authentication for both user interface and API requests is enforced by the gateway.

Users can log in to the ie device via its URL by entering their email and password and clicking Sign in. Each login creates a session that remains valid for 12 hours. If there is no activity for 12 hours, the session is automatically locked. This behavior is fixed and cannot be changed. To end the session before the timeout, users must log out manually by clicking Sign out in their account.

Enhanced IAM functionality¶

For advanced IAM features such as user management, password policies, and integration of external users, it is highly recommended to connect to the IEM rather than relying on local user management.

IAM - Overview¶

Authentication¶

Login and Logout¶

Enhanced IAM functionality¶