Users and Roles

Access to the OT Security Console is controlled by user accounts that designate the permissions that are available for that user. The user’s permissions are determined by the User Groups to which they are assigned. Each User Group is assigned a role, which defines the set of permissions that are available for its members. So, for example, if the Site Operators User Group has the role Site Operator, then all users assigned to that group have the set of permissions associated with the Site Operator role.

The system comes with a set of pre-defined User Groups, which correspond to each of the available roles, Administrators User Group > Administrator role, Site Operators User Group > Site Operator role and so on. You can also create custom User Groups and specify their roles.

There are three methods for creating users in the system:

• Adding Local Users — Create user accounts to authorize individual users to access the system. Assign users to User Groups that define their roles.

• Authentication Servers — Use your organization’s authentication servers (for example, Active Directory, LDAP) to authorize users to access the system. You can assign OT Security roles based on your existing groups in Active Directory.

• SAML — Set up an integration with your Identity Provider (for example, Microsoft Entra ID) and assign users to your OT Security application.