Create an OPC-UA Thing Schema

Example Schema

You need to define the Thing that is going to represent and store the data from selected nodes from the OPC-UA server.

The following is an example of a Thing schema that has two properties defined for nodes present on the Milo demo server used in the discovery section:
{ 
  "@type": [ 
    "swx:opcua" 
  ], 
  "actions": { 
    "readNodeValue": { 
      "input": { 
        "type": "string" 
      }, 
      "title": "Read Node Value" 
    } 
  }, 
  "events": { 
    "readNodeValue": { 
      "data": { 
        "type": "string" 
      }, 
      "description": "", 
      "title": "Read Node Value Result" 
    } 
  }, 
  "properties": { 
    "config": { 
      "properties": { 
        "auth": { 
          "type": "string" 
        }, 
        "endpoint": { 
          "type": "string" 
        }, 
        "intervalData": { 
          "type": "integer" 
        }, 
        "mode": { 
          "type": "string" 
        }, 
        "policy": { 
          "type": "string" 
        } 
      }, 
      "type": "object" 
    }, 
    "ns=2;s=Demo.Dynamic.Float": { 
      "@type": "float64", 
      "readOnly": true, 
      "title": "RandomFloat", 
      "type": "number" 
    }, 
    "ns=2;s=Demo.Dynamic.Int32": { 
      "@type": "int32", 
      "readOnly": true, 
      "title": "RandomInt32", 
      "type": "integer" 
    } 
  }, 
  "title": "OPC-UA Thing" 
} 
Important parts of this schema are:
  • The @type needs to have an item with value swx:opcua. Without it, the OPC-UA Device Driver will not process the schema.
  • The config property (of type object) is used to set various OPC-UA configurations (see below).
  • The other two properties are configured to subscribe to specific nodes on the OPC-UA server.
  • The readNodeValue Action and Event can be used to manually retrieve a value from any OPC-UA node on the server.

OPC-UA Config Property

The config property is of the type object and can have various child properties that are used for the OPC-UA configuration. The endpoint is required.

The following property keys are allowed (see OPC-UA Driver):

Basic
  • endpoint (required): this is the endpoint of the OPC-UA server
  • interval (optional; default 30000): the subscription interval in milliseconds
It is recommended to only set the basic options and leave the advanced ones to the default values. If the OPC-UA server does not allow self-signed certs to be used by clients, the advanced options can be used.
In the example schema shared earlier, the required endpoint config property is present, as well as some selected advanced config properties. You can add or remove config properties to match your OPC-UA server setup, as long as the required endpoint is there.
Advanced
  • mode (optional; default auto): the security mode to use, available options auto, None, Sign, SignAndEncrypt
  • policy (optional; default auto): the security policy to use, available options auto, None, Basic128Rsa15, Basic256, Basic256Sha256, Aes128_Sha256_RsaOaep, Aes256_Sha256_RsaPss
  • autogencert (optional; default true): auto generate a self-signed cert if no certfile/keyfile are specified
  • certfile (optional): a public cert to use for communication with the endpoint
  • keyfile (optional): the private key of the public cert
  • auth (optional; default Anonymous): the authentication method for the connection to the server. Available options include Anonymous, Username, and Certificate"
  • username (optional): needed when authentication method is set to Username
  • password (optional): needed when authentication method is set to Username
If either mode or policy are set to None, they will both be treated as set to None.
If both mode and policy are set to auto, then the highest available security mode and level as recommended by the server will be used.
If only policy is set to auto, then the highest available security level with the requested mode will be used.
If only mode is set to auto, then the highest available security level with the requested policy will be used.
If no authentication method is configured, a UserIdentityToken for anonymous authentication will be set.