Identity Management
In many companies, identity management is handled by identity providers (IdP).
For small TrendMiner setups, or for new customers, it is recommended to initially use local user management (to shorten the time to value).
For larger or more mature setups, administrators can reduce their administrative overhead of managing TrendMiner by integrating these IdP’s.
Handle creation/disabling of user accounts automatically (authentication).
Provide data access rights based on group membership (authorization).
Most companies use some form of Active Directory (LDAP) or SSO (SAML), with SSO becoming the dominant choice.
Note that for SaaS deployments, only SSO is available
In a typical use case, integration of an IdP intends to accomplish a scenario such as:
Automatically provide engineers and operators TrendMiner access with their standard company login.
Once logged in, they can access (only) their plant’s data (and only their data). This could mean all tags in one specific historian server, or even more granular, a subset of tags within one historian (especially relevant for large, centralized historian servers).
Some super-users or central engineers are granted access to all data to perform global projects.