OPC UA Account

Overview

You can use this account type to connect OPC UA Snaps with data sources that use the OPC UA Account. It authenticates with the OPC UA server using certificates, credentials or anonymous authentication.

Account settings


OPC UA Account Settings

Legend:
  • Expression icon (): Allows using JavaScript syntax to access SnapLogic Expressions to set field values dynamically (if enabled). If disabled, you can provide a static value. Learn more.
  • SnapGPT (): Generates SnapLogic Expressions based on natural language using SnapGPT. Learn more.
  • Suggestion icon (): Populates a list of values dynamically based on your Account configuration.
  • Upload : Uploads files. Learn more.
Learn more about the icons in the Snap settings dialog.
Field / Field set Type Description
Label String

Required. Specify a unique label for the account.

Default value: N/A

Example: OPC UA Account
Endpoint URL String/Expression

Required. Specify the OPC UA server endpoint URL that includes the protocol, address, and port.

Default value: N/A

Example:
  • opc.tcp://localhost:4840
  • https://opcua.server.com:4841/
Message security mode Dropdown list
Required. Choose the message security mode (level of security) to connect to the OPC UA server. Available options are:
  • None: No security is used.
  • Sign: Uses security policies for authentication.
  • Sign and encrypt: Uses security policies and encryption for authentication.

Default value: None

Example: SignAndEncrypt
Security policy Dropdown list

Appears when you select Sign and Sign and encrypt as the Message security mode.

Required. Choose the security policy that defines the encryption or signing rules. Available options are:
  • Basic128Rsa15
  • Basic256
  • Basic256Sha256
  • Aes128_Sha256_RsaOaep
  • Aes256_Sha256_RsaPss

Default value: Basic128Rsa15

Example: Basic256
Secure channel certificate properties

Appears when you select Sign or Sign and encryptas the Message security mode.

Use this field set to configure user authentication certificate.
Trustore String/Expression Specify the location of the trustore file that is either an unauthenticated URL (https://...) or one that is located in SLDB. Learn more: How to generate a Truststore.

Default value: N/A

Example: truststore.jks
Truststore password String/Expression Specify the password for the trustore file.

Default value: N/A

Example: changeit
Keystore String/Expression Specify the location of the keystore file that is either an unauthenticated URL (https://...) or one that is located in SLDB. Learn more: How to generate a Keystore.

Default value: N/A

Example: keystore.p12
Keystore password String/Expression Specify the password for the keystore file.

Default value: N/A

Example: Encrypted
Key alias String/Expression Specify the alias of the private key to be used from the keystore.

Default value: N/A

Example: myOpcUaClientKey
Private key passphrase String/Expression Specify the passphrase for the private key. Leave this field blank if you want to use the keystore password.

Default value: N/A

Example: myPrivateKeyPass
Transport profile Dropdown list Appears when you select None for Message security mode.
Required. Choose the transport profile. Available options are:
  • TCP UASC UA BINARY
  • HTTPS UA BINARY

Default value: TCP UASC UA BINARY

Example: HTTPS UA BINARY
Authentication method Dropdown list Appears when you select None for Message security mode field.
Required. Choose the method to use for client authentication. Available options are:
  • Anonymous: Authenticates anonymous users.
  • Username and password: Authenticates against the user credentials.
  • Certificate: Authenticates the client using its certificate.

Default value: Anonymous

Example: Certificate
Username String/Expression Appears when you select Username and password for Authentication method field.

Specify the username for authentication.

Default value: N/A

Example: admin
Password String/Expression Appears when you select Username and password for Authentication method field.

Specify the password for authentication.

Default value: N/A

Example: Encrypted
Authentication certificate properties

Appears when you select Certificate as the Authentication method.

Use this field set to configure user authentication certificate.
Keystore String/Expression Required. Specify the location of the keystore file. You can also upload the fiile from SLDB. Learn more about how to generate a Keystore.

Default value: N/A

Example: sldb:///client-cert-store.jks
Keystore password String/Expression

Required. Specify the password to access the keystore file.

Default value: N/A

Example: Encrypted
Key alias String/Expression

Required. Specify the alias of the private key within the keystore.

Default value: N/A

Example: client-auth-key
Private key passphrase String/Expression Specify the passphrase for the private key. Leave this field blank to use the same password as the keystore.

Default value: N/A

Example: Encrypted
Connection properties Use this field set to configure the connection properties.
Connection timeout (milliseconds) Integer/Expression Specify the number of milliseconds the OPC UA server waits before aborting a new connection attempt. For example, if you set the Connection timeout limit to 30 milliseconds, and the account fails to establish a connection in 30 ms, the pipeline logs a timeout exception and aborts execution.

Default value: 5000

Example: 10000
Session timeout (milliseconds) Integer/Expression Specify the session timeout for the connection.

Default value: 120000

Example: 300000
Request timeout (milliseconds) Integer/Expression Specify the timeout for individual requests.

Default value: 60000

Example: 90000