Nexeed

Multitenant Access Control
    • Introduction
    • User manual
      • Basic operation
      • User
      • Groups
      • Roles
      • Organizations
      • Contracts
      • Modules
      • Identity providers
        • General Settings for the Identity Provider
        • Mapper Overview
      • Reports
      • Activity log
      • My Account
        • Overview: Login Tab
    • Developer documentation
      • Concepts
        • Authentication
        • Authorization
        • Resources
        • Roles
        • Sharing
      • Getting started
        • Registration
        • Authentication
        • Authorization
        • Multitenancy
      • How-to
        • Get & handle tokens
        • OAuth 2.0 for Mobile and Native Apps
        • Evolve authorization in your application lifecycle
        • Use Web Core for user login
        • Handle our integration events
        • Do automated testing
        • Advertise things to colleagues
      • Deep dives
        • OAuth2 and its flows
        • OpenID Connect endpoints
      • Troubleshooting
    • API documentation
      • HTTP API
      • Event API
    • Glossary
Multitenant Access Control
  • Industrial Application System
  • Core Services
    • Block Management
    • Deviation Processor
    • ID Builder
    • Multitenant Access Control
    • Notification Service
    • Reporting Management
    • Ticket Management
    • Web Portal
  • Shopfloor Management
    • Andon Live
    • Global Production Overview
    • KPI Reporting
    • Operational Routines
    • Shift Book
    • Shopfloor Management Administration
  • Product & Quality
    • Product Setup Management
    • Part Traceability
    • Process Quality
    • Setup Specs
  • Execution
    • Line Control
    • Material Management
    • Order Management
    • Packaging Control
    • Rework Control
  • Intralogistics
    • AGV Control Center
    • Stock Management
    • Transport Management
  • Machine & Equipment
    • Condition Monitoring
    • Device Portal
    • Maintenance Management
    • Tool Management
  • Enterprise & Shopfloor Integration
    • Archiving Bridge
    • Data Publisher
    • Direct Data Link
    • Engineering UI
    • ERP Connectivity
    • Gateway
    • Information Router
    • Master Data Management
    • Orchestrator
Nexeed Learning Portal
  • Multitenant Access Control
  • User manual
  • Modules
✎

Modules

External modules can be added to the Nexeed Industrial Application System. The modules can be edited and linked to roles. A module that has been created can communicate with other modules and, if applicable, also to their data, using the assigned roles.

By default, the installed IAS modules are listed in the Access management > Modules menu.

mac_applications_overview

After selecting a module in the overview, the module data is displayed in the detailed view on the right. In this view, you can edit the module data and manage assigned roles.

Detailed view

Icon/element Description

Details

Displays the module details

Assigned roles

Displays the roles that are assigned to the module

Adding a Module

External modules can be added to the Nexeed Industrial Application System. After a module has been integrated, it is displayed in the overview.

Prerequisite

Module Manager role

Procedure

  1. Call up the Access management > Modules menu.

  2. Click add_border.

    The Add module dialog window appears with the Details step.

    mac_modules_add_details 2024-01

  3. In the Details step, enter the following information:

    • Module name

      Name of the module

      Display name of the module

      Name to be displayed in the overview and in the Nexeed Industrial Application System

    • Client secret

      Used to configure the module.

      The client ID is automatically generated and will appear at the end of the Access data step. The client ID is additionally used for configuring the module.
      Make sure that the client ID is safely retained for reference.

  4. Click Next.

    The User login step will appear.

    mac_modules_add_user login 2024-01

  5. To configure the module login, enter the following information:

    • If you do not want additional logins to take place for the module, deactivate the User login switch.

      No further information is required in the User login step.

    • If a login needs to take place for the module on a user device, activate the User login switch.

    • If a login needs to take place for the module via the server using a confidential client, activate the Create public client switch.

  6. To configure the connection to the module, enter the following information:

    • Redirect-URLs

      URL to which the user should be redirected after successfully logging into the module.

      Placeholders (e.g. http://bosch.com/Apps/SimpleApp/* ) and relative paths are possible.

    • Web origins

      URL from which the user may log in to the module (e.g. http://bosch.com ).

      Requests from other URLs are rejected.

  7. Click Next.

    The Summary step will open.

    mac_modules_add_summary 2024-01

  8. To edit details, click on Back or on the required step.

  9. To save the details, click Save in the Summary step.

    The module is added to the Nexeed Industrial Application System.

    In the Access data step, the access data for registering the module in the Nexeed Industrial Application System is displayed.

    If the Create public client switch has not been activated in the User login step, the Public client ID field remains blank.
    mac_modules_add_credentials 2024-01

    To copy data to the clipboard, click mdm_copy_icon at the end of the respective row.

  10. Exit the operation using Close.

The module is added and displayed in the overview.

  • To edit the added module, continue with Editing a Module.

  • To assign a role to the module, continue with Assigning a Role to a Module.

Editing a Module

Prerequisite

Module Manager role

Procedure

  1. Call up the Access management > Modules menu.

  2. Select the required module from the overview.

    The module data is displayed in the Details tab in the detailed view on the right.

  3. Click edit_blue in the detailed view.

    The Edit module dialog window appears with the Details step.

    mac_modules_edit_details 2024-01

  4. Adjust the required information in the Details step:

    • Module name

      Name of the module

    • Display name of the module

      Name to be displayed in the overview and in the Nexeed Industrial Application System.

  5. Click Next.

    The User login step appears.

    mac_modules_edit_summary 2024-01

  6. Adjust the required information in the User login step:

    • User login switch

      If you do not want additional logins to take place for the module, deactivate the User login switch. No further information is required in the User login step.

      If a login needs to take place for the module on a user device, activate the User login switch.

    • Create public client switch

      If a login needs to take place for the module via the server using a confidential client, activate the Create public client switch.

    • Redirect URLs

      URL to which the user should be redirected after successfully logging into the module.

      Placeholders (e.g. http://bosch.com/Apps/SimpleApp/*) and relative paths are possible.

    • Web origins

      URL from which the user may log in to the module (e.g. http://bosch.com ).

      Requests from other URLs are rejected.

  7. Click Next.

    The Summary step will open.

  8. To edit details, click Back or the required step.

  9. To save the details, click Save in the Summary step.

The module is displayed in the overview with the changed details.

  • To assign a role to the module, continue with Assigning a Role to a Module.

Assigning a Role to a Module

Prerequisite

Module Manager role

Procedure

  1. Call up the Access management > Modules menu.

  2. Select the required module from the overview.

    The module data is displayed in the Details tab in the detailed view on the right.

  3. In the detailed view, go to the Assigned roles tab.

    mac_modules_assign role_2022-02-02

  4. Click add_border.

    The Select role dialog window appears.

    mac_choose_role_to_assigne_to_application

  5. To limit the number of roles, implement the following settings:

  6. In the Domain drop-down list, select the module or organization in which the corresponding application role or organization role is located.

    Or:

    Enter the required role designation in the Search text field.

    Organizational roles are marked with a - in the Module column.

  7. Select the required roles.

  8. Click Assign.

The selected roles will be assigned to the module and displayed in the detailed view in the Assigned roles tab.

  • To cancel an assignment of a role to a module, continue with Canceling the Assignment of a Role to a Module.

Canceling the Assignment of a Role to a Module

The assignment of roles to a module can be changed.

Prerequisites

  • Module Manager role

  • At least one module has been created: Add module.

  • At least one role has been created ( Adding a Role ) and has been assigned to the module Assign Role to a Module.

Procedure

  1. Call up the Access management > Modules menu.

  2. Select the required module from the overview.

    The module data is displayed in the Details tab in the detailed view on the right.

  3. In the detailed view, go to the Assigned roles tab.

    mac_modules_assign role_2022-02-02

  4. To limit the number of roles, implement the following settings:

    In the Domain drop-down list, select the module or organization in which the corresponding application role or organization role is located.

    Or:

    Enter the required role designation in the Search text field.

    Organizational roles are marked with a - in the Module column.

  5. Click delete next to the role you want to delete.

The assignment of the role to the module is canceled and the role is no longer displayed in the Assigned roles tab.

Contents

© Robert Bosch Manufacturing Solutions GmbH 2023-2025, all rights reserved

Changelog Corporate information Legal notice Data protection notice Third party licenses