About Proficy Authentication

In Historian, user authentication is handled using Proficy Authentication, which provides user account and authentication (UAA) service. Proficy Authentication provides identity-based security for applications and APIs. It supports open standards for authentication and authorization, including Oauth2.

When a user is created, modified, or deleted in Historian, the associated user account is being created, modified, or deleted in the Proficy Authentication instance, respectively.

Note: This is done in the back-end automatically. Therefore, most users will not require knowledge on UAA to perform basic user management, except when additional configuration is required.

To use Proficy Authentication, you can choose between the following options while installing Web-based Clients:

Use a local Proficy Authentication service: Use this option if you want to create a local Proficy Authentication instance. This is the default option. You can create this while installing Web-based Clients.
Using an existing Proficy Authentication service: Use this option if you are currently using a Proficy Authentication service on a remote machine. You can install this service using Historian Web-based Clients, or you can use any other UAA service (such as Proficy Authentication installed using Operations Hub). You can then manage these users in Web-based Clients. The users in the remote Proficy Authentication service can then use Web-based Clients.

You can use Proficy Authentication plugin in Configuration Hub to manage groups, manage users, and map LDAP groups, and SAML groups with the Proficy Authentication groups.

For more information, refer to Proficy Authentication in Configuration Hub at https://www.ge.com/digital/documentation/confighub/.