Cloud User Mappings (nCloudDriver-CloudUserMappings)

In general, “user mapping” is used for Single Sign-On (SSO) to back-end systems, such as a cloud platform. User mapping maps a portal user ID to the user ID of the back-end system.

In Niagara Cloud user mapping is used when an application id from Honeywell Forge is mapped directly to a user (no authentication checks). Disabled by default, this component provides actions to enable/disable user mappings.

WARNING: UserMappings map only a web application to a user. This does not identify what individual user is making the request, so there is no end-to-end authentication or traceability for these requests. Due to the inherent security risk of not using end-to-end user identification when executing cloud-originated commands on the station, the use of UserMappings is not recommended. If you enable this feature, a confirmation window appears prompting you to acknowledge that you wish to proceed with the non-recommended configuration.

Figure 53. Confirmation window when enabling user mappings

Figure 54. CloudUserMappings property

To access these properties, expand Config > Drivers > Services > Authentication Service > Authentication Schemes > CloudAuthenticationScheme, double-click User Mappings.

Name	Value	Description
Enabled	true, false (default)	Available as a read only property, it is not directly editable. Disabled by default. If set to “true” (via Actions), UserMappings are enabled. If “false”, cloud login attempts will fail, throwing the FailedLoginException to inform the user.

Name

Value

Description

Enabled

true, false (default)

Available as a read only property, it is not directly editable.

Disabled by default. If set to “true” (via Actions), UserMappings are enabled.

If “false”, cloud login attempts will fail, throwing the FailedLoginException to inform the user.

Actions

The following actions are available via right-clicking the component.

Enable User Mappings
Disable User Mappings