Security

Currently, when you create a mapping in PI Data archive for OIDC client credentals, you can only assign one identity.This severely limits the granularity and forces to add new identities to existing tags to grant extra permissions and is an easy s...

PI SMT should be able to authenticate users by using OIDC.

A few limitations make difficult to architect AIM with PI 2023: No support for NLB No support for failover cluster No support for multiple independent AIM instances As of today, AIM is a single point of failure and so HA is required to preven...

AVEVA Identity Manager app (PCS) should have option to select a custom DNS Alias name through the UI.

Read access to the PIPOINT table is required for most identities. Pointsecurity and Datasecurity currently use the settings on the PIPOINT table as the default. New points will generally give read access to most identities because of these default...

Possibility to identify in SMT which connections are OIDC, besides the "Is TLS" in Network Manager Statistics.

Currently AIM needs to start before PI DA so it can authenticate OIDC.

We have some user that are able to edit some fields in AF using System explorer but they cannot do it using PI Builder (that require database access). Please align PI Builder access and PI System explorer because the actual situation is a nonsense

Currently the maximum password length for AF Linked Table connections using the "Supply Password" option is 15 characters. This length limitation should be increased to at least 25 characters.

I want to run the Auditviewer function as a unprivileged remote user, moving away from the current requirement to run as a local user on the PI Data Archive Server.  This is so I can minimize security risk associated with local user access on...