Skip to main content
Gathering Interest

Ability to configure the PI Extractor to include ptsecurity and datasecurity attributes in the extracted metadata

Related products:Time Series
  • July 16, 2026
  • 1 reply
  • 7 views

Forum|alt.badge.img

 

As a CDF Platform Administrator,

I want the ability to configure the PI Extractor to include ptsecurity and datasecurity attributes in the extracted metadata,

So that I can use these source-level access control lists (ACLs) to automate and enforce data access security for groups of users in Cognite Data Fusion.

 

 

Configuration Options


GIVEN a standard PI Extractor installation,

WHEN looking at the extractor configuration file (e.g., config.yml),

THEN there must be a new, optional configuration parameter (e.g., include-internal-security-metadata: true/false or an override setting).

GIVEN the configuration parameter is omitted or set to false,

WHEN the extractor runs,

THEN it must continue to exclude ptsecurity and datasecurity metadata as it currently does (default secure behavior).

 

Extraction Behavior


GIVEN the configuration parameter is set to true,

WHEN the extractor performs discovery and extracts Time Series metadata from PI,

THEN the ptsecurity and datasecurity attributes must be successfully captured and populated as key-value pairs in the CDF Time Series metadata block.

GIVEN the configuration parameter is set to true,

WHEN a source PI point has empty or null values for these security fields,

THEN the extractor should gracefully skip writing those specific keys to CDF metadata without throwing errors or halting the extraction process.

1 reply

Everton Colling
Expert ⭐️⭐️⭐️⭐️
Forum|alt.badge.img
  • Expert ⭐️⭐️⭐️⭐️
  • July 17, 2026

Hi ​@tainabouzan!

Thank you for suggesting this product idea. We will follow the traction this idea gets in the community. You can expect updates on this post if we decide to include this in our future roadmap, or if we require more information.