RemoteAccessPermissionServices Thing

Remote Access Extension (RAE) Entity Reference > RAE Things > RemoteAccessPermissionServices Thing

The RemoteAccessPermissionServices Thing provides services that ThingWorx Platform administrators must run to grant permissions and visibility for ThingWorx AlwaysOn devices on which they want to use the ThingWorx Remote Access Extension (RAE) capabilities for remote sessions.

RAE Services in 3.0.0 or later

The RemoteAccessPermissionServices Thing provides the following permissions-granting services, which are called by other permissions services.

Service Name

Description

GrantPermissions

Grants common remote access permissions. This service takes the following parameters: organization, templateName (name of a Thing Template), thingName, and userGroup.

GrantPermissionsThingworxInternal

GrantPermissionsThingworxInternalForThing

GrantPermissionsThingworxInternalForTemplate

Grant remote access permissions for assets running an Edge application written using a ThingWorx Edge SDK, a ThingWorx WebSocket-based Edge MicroServer (WS EMS), or a Lua Script Resource (LSR). Use the GrantPermissionsThingWorxInternalForThing or GrantPermissionsThingWorxInternalForTemplate methods as appropriate for the desired entity type.

These two services take the organization and userGroup parameters. The GrantPermissionsThingWorxInternalForTemplate service also takes the templateName parameter, while the GrantPermissionsThingWorxInternalForThing service takes the thingName parameter.

The GrantPermissionsThingworxInternal service is used internally by the GrantPermissionsThingworxInternalForTemplate and GrantPermissionsThingworxInternalForThing services and should not be invoked directly.

GrantGlobalAccessServerPermissions

Grants permissions required for running a Global Access Server. This service takes the following parameters: organization and userGroup.

GrantRemoteAccessPermissionsGAS

GrantRemoteAccessPermissionsGASForThing

GrantRemoteAccessPermissionsGASForTemplate

Grants remote access permissions for assets using remote sessions managed by a Global Access Server.

Use the GrantRemoteAccessPermissionsGASForThing or GrantRemoteAccessPermissionsGASForTemplate methods as appropriate for the desired entity type. Each service also takes the parameter for the corresponding entity type, thingName or templateName.

The GrantRemoteAccessPermissionsGAS service is used internally by the GrantRemoteAccessPermissionsGASForThing and GrantRemoteAccessPermissionsGASForTemplate services and should not be invoked directly.

To enable the Remote Access Client (RAC) to call the RemoteAccessSubsystem.GetAutoLaunchConfig(remoteEndpoint.thingName) services as a non-admin user in version 3.1.4 of the ThingWorx Remote Access Extension (RAE), the ServiceInvoke run-time permission to this service for the Remote Access Subsystem was added to the GrantPermissions service.

Releases Prior to RAE 3.0.0

In releases of the RAE prior to 3.0.0, only two services are provided for AlwaysOn edge devices:

• GrantPermissionsThingworxInternaForThing

• GrantPermissionsThingworxInternalForThingTemplate

The services for granting remote access permissions and visibility for Axeda eMessageAgent assets are available on the eMessageServicesThing, in the Axeda Compatibility Extension (ACE). See ,eMessageServices Thing in the ThingWorx Axeda Compatibility Package 2 Help Center.

How to Run the Services

No matter which version of the RAE you have installed, the steps for running the services is the same:

1. Log in to ThingWorx Composer.

2. Navigate to the RemoteAccessPermissionServices Thing, and display the Services page.

3. Locate the GrantPermissionsThingworxInternalForThing service.

4. In the Execute column of the service row, click

5. When prompted, set the following required fields:

a. In the organization field, enter the name of the organization created for the ThingWorx user groups that require remote access permissions and visibility on the selected Thing.

b. In the userGroup field, enter the name of the user group created for the ThingWorx users who require remote access permissions and visibility.

c. In the Thing field, enter the Thing Names of the devices that users need to access via remote sessions. ..

d. Click Execute.

e. Click Done to return to the Services page for the RemoteAccessPermissionServices Thing.

6. To run the GrantPermissionsThingWorxInternalForThingTemplate, locate it in the list, and in the Execute column, click

7. When prompted, set the following required fields:

a. In the organization field, enter the name of the organization created for the ThingWorx user groups that require remote access permissions and visibility.

b. In the userGroup field, enter the name of the user group created for the ThingWorx users who require remote access permissions and visibility.

c. In the ThingTemplate field, enter the name of the Thing Template for the devices that users need to access via remote sessions.

d. Click Execute.

e. Click Done to return to the Services page for the RemoteAccessPermissionServices Thing.

Was this helpful?