What is M2M?

M2M (Machine 2 Machine) refers to direct electronic communication among machines, devices and systems. For example, a program in a PC communicating with smart sockets that measure the immediate current without human intervention. Generally we also use the term
OPEN API
 for this.
In FactoryTalk DataMosaix, identities are managed as:
Machine to Machine identities
  • Applications
  • Extractors
User Identities
Note:
 Auth0 is the identity provider. Auth0 authenticates the identity (user/M2M) and has no knowledge of the identity role / group membership at this stage. However, after successful authentication, Auth0 offers the ability to perform an action that enables:
  • To call a Datamosaix endpoint that ask for role/group membership the identity.
    • User => GET /api/v1/users/{uid}/claims
    • M2M => GET /api/v1/machine/{uid}/claims
  • To inject the role/group claims into the identity token.
For every FactoryTalk DataMosaix REST endpoint, it is defined which role is authorized to call it. An identity must therefore be a member of the role in order to successfully call the endpoint. These roles are defined independently for each CDF project/tenant (the project name is identical, but the role ID is different and unique). In other words, the name of the 'Project Admin' in Project A and B is identical, but the role IDs are different. The role IDs are listed in the token and not the role names.
Provide Feedback
Have questions or feedback about this documentation? Please submit your feedback here.