Skip to content

User Management Service FAQs

Everything you every wanted to know about the User Management Service and how to use it.

Home Knowledge Hub Frequently Asked Questions User Management Service FAQs

Of course, this is a pity in the first place and we would appreciate your feedback why you decided against Just use our contact form for that. We strive to improve!

The Smart Services enable customers to import data from different devices (production plants, measuring devices, etc.) and from different locations (worldwide) into the Smart Service, operated on in order to link them with each other and make them remotely evaluable.

For this purpose, the Smart Service enables standardized analyses based on the imported data and e.g. visualizes them with dashboards.

With our User Guiding, we want to make it even easier to get started with the various Smart Services. The guides offer interactive tours through the Smart Services to explain individual functions or to get an overview of the areas of a Smart Service.

In the video you can see how you can use the User Guiding and start interactive guides.

Example of how User Guiding works on Proficloud and in the Time Series Data Service

The first time you visit a Smart Service, you will be greeted by a prompt. You can either get an introduction to the Smart Service you just have open in the welcome, or access the guides again later at any time by accessing the button labeled “Guides & FAQs” on the right side of the screen.

We use a service on that allows to conveniently display all FAQs and guides relevant to the active smart service.

To access the FAQs, just click on the button on the right side of the screen labeled “Guides & FAQs”.

On the right side of the screen, the FAQs and the guides are displayed.

Metric is just another name for variable. One example could be a temperature, wind speed, voltage etc.

As of right now, is running in AWS data centers, located in Frankfurt. Phoenix Contact does not operate their own data center for Proficloud. Because all data is hosted in Frankfurt, German law applies

Vulnerability scanning

We are using an web-application vulnerability scanner (Automated security and asset monitoring) to monitor the web-apps for potential takeovers and remediate security bugs in staging and production as soon as they are known and we are using products for automatically prove our code quality & code security.

Hardening techniques

We apply different hardening practices (like i.e. use of service packs, automatic dependency checks, patches & patch-mgmt, etc.) for our service-containers

GDPR compliance is completely GDPR compliant, thereby conforming to the highest data privacy standards.

Operating system

All our virtual servers are based on Linux, increasing the resiliency of our cloud system. 

Spectre/Meltdown & know CPU security vulnerabilities

Infrastructure has been updated with these new protections, and no customer action is required at the infrastructure level.

Permission / user management

We‘re looking on rolling out a sophisticated permission management system throughout 2021, allowing companies fine-grained controls over what users are capable of accessing. 

Password policy

High security passwords are enforced by the platform. In general the password needs at least 10 characters, upper & lowercase letters, number(s) and special character(s).

Public key infrastructure

We are using EJBCA as PKI for all tenants in, allowing us to revoke potentially compromised certificates whenever needed.

Secure bidirectional device communication

CA signed remote commands are used regarding the connected devices. All communication is encrypted using TLS 1.2 and client certificate authentication.

Secure firmware update process for devices

Hardened firmware update process for devices with IEC 62443 measures.


All connections between users and devices to proficloud are encrypted using TLS 1.2. 

Data centers

Phoenix Contact Smart Business uses dedicated aws data centers for running guaranteeing an industry leading security level for customers.

Some services, such as the Device Management Service can be used free of charge. Other services, including Time Series Data Service allow customers to  test them free of charge, but require payment for actual production workloads.

Cloud pricing ist often complicated, but that’s not the case for We always make sure to offer payment models, which are easy to understand, enabling our customers to always understand their true costs. This means for you that in the Time Series Data Service, for example, you pay per metric that you send to the cloud. With this model, we naturally offer you suitable packages, so that you have maximum freedom in cost calculation and can rely on the exact costs incurred.

In other services (e.g. ImpulseAnalytics) you only pay per device for one year. This is based on the business model, which was developed especially for this service and offers the user an easy way to calculate the costs.

As soon as you book a service, you will receive a booking confirmation by e-mail, as well as a booking confirmation within You can use the booked service directly after the booking. You will receive a separate e-mail with the conditions (taxes, legal framework) from Phoenix Contact that apply to you.

Position of the UUID on a Phoenix Contact controller for adding to the Proficloud
Example for the position of the UUID on an AXC F 2152

The UUID (Universally Unique Identifier) is required for adding a device to Proficloud. It is printed externally on the device’s housing. After the installation and commissioning of the device, the UUID may not be visible anymore. Thus, it is mandatory to document the UUIDs during the device installation. 

We recommend to additionally document the respective device designation within your system or a unique, descriptive name for the device. This enables you to identify the device again within your system locally.

If you cannot access, please contact your company’s IT. Security restrictions of your company’s IT may result in access problems to

An unrestricted internet connection is required for the following addresses and sub-adresses in case of port 443 (HTTPS) and port 8883 (MQTT over TLS):

This needs to be guaranteed by the company’s IT.

  1. Click on the profile icon in the upper right corner of the browser
  2. Click on [Settings]
  3. Click on the pencil on the right side of the browser next to your current e-mail address
  4. Now enter your new e-mail address in the field for the e-mail address and click on [Save Profile Data]
  5. Click on [Confirm] to confirm the action. You will be logged out and will receive a confirmation e-mail at your new e-mail address
  6. Click on the link in the e-mail to verify the e-mail-address change

See at a glance which devices can use which services. The listed devices are Phoenix Contact devices with direct integration. You can integrate a lot more device with a Gateway Solution and NodeRED. Sort the table according to your needs.

Device Management ServiceTime Series Data ServiceEMMA ServiceImpulseAnalytics Service
AXC F 2152
PLCnext Control
2020.6.1 (or higher)2021.0.x LTS (or higher)--
AXC F 1152
PLCnext Control
2021.0.x LTS (or higher)2021.0.x LTS (or higher)--
AXC F 3152
PLCnext Control
2021.0.x LTS (or higher)2021.0.x LTS (or higher)--
RFC 4072S
PLCnext Control
2021.0.x LTS (or higher)2021.0.x LTS (or higher)--
EPC 1502
2021.0.x LTS (or higher)2021.0.x LTS (or higher)
EPC 1522
2021.0.x LTS (or higher)2021.0.x LTS (or higher)
IoT-enabled EMpro
2020.6 (or higher)2020.6 (or higher)2020.6 (or higher)-
IoT-enabled EMpro
2020.6 (or higher)2020.6 (or higher)2020.6 (or higher)-

We design our email to get through most email filters so that it gets into your inbox without any problems. If you still do not receive a registration email, it could have ended up in your spam folder.

Many companies filter and block incoming mail and might not forward our emails as intended.

If you don’t receive your registration email for example, please contact your IT support. If they can’t find a problem, please let us know by writing an email to

We built from scratch, including identity management. Therefore your credentials are not valid in Simply create a new account free of charge.

In general it makes sense to use The firmware of the PLCnext controllers can only connect to with the latest version. In the future will be the only supported version.

In short: No.

All changes will be done the next time you log into In your daily work with you might not even experience any changes.

Here is a list of all changes in comparison to your “personal account”:

  • Your personal will change to an organization with you as an admin.
  • All subscriptions moved from your personal settings to your organization settings.
  • Billing details moved from your personal settings to your organization settings.

The User Management Service was released on 24/03/2022 and is available for use by any user on

No. The User Management Service is a free Core Smart Service, which means it is free and for everyone, who is using

An organization within is a self-contained unit. This unit contains users (with user roles), devices, smart services, billing and subscription management.

A user can be a member of more than one organization.

Visit the User Management Service and click on [Invite User] in the top bar. Now enter the email address of the user you want to invite, write a short message and select the appropriate role for the new user.

If the invited person belongs to the same domain as you, you can now send an email, if it is a different domain, you will receive a link that you have to send to the new user manually.

In this way, we comply with the applicable data protection regulations.

Your active organization is displayed in a dropdown menu in the navigation on the right. With a click on the button you can select “Create new organization” and start the process of creating a new organization.

The active organization is the area you are currently in. Here you can only access the elements that are registered in this organization. If you have other devices or other elements in another organization, you can only use and edit them when you change the organization.

Your active organization is displayed in a dropdown menu in the navigation on the right. With a click on the button you can change your active organization.

All permissions that an individual user can have are always based on roles. Permissions are therefore always assigned to a role, never to an individual user. All permissions are recorded in a role.

User permissions

Device Management Service

Access Smart ServiceThe user can access the Device Management Service
View devicesThe user can see and open the existing devices. He can see into all tabs.
Add devices
The user can add new devices to
Delete devicesThe user can delete existing devices from
Reset device tokenThe user can reset the device token of a device.
Edit data of deviceThe user can change metadata, such as device name, location, tags or the description.
Export logsThe user can export the logs of a device.
Perform firmware updatesThe user can start a firmware update of a device.
Assign metricsThe user can add or remove metrics of a device.

User Management Service

Access Smart ServiceThe user can access the User Management Service
Invite UserThe user can invite another user to the active organization
Change User roleThe user can change the role of another user and thus grant different rights accordingly
Remove UserThe user can remove a user from the active organization and thus revoke the user's access to the organization

Service Store & Subscription Management

Access Smart ServiceThe user can access the Service Store
Book a Smart ServiceThe user can book a Smart Service in the Service Store
Cancel SubscriptionThe user can cancel an ongoing paid subscription
Assign MetricsThe user can assign metrics to a device within a subscription
Assign DevicesThe user can assign a device to a subscription within a subscription

Organization Settings

Create OrganizationThe user can create a new organization
Rename OrganizationThe user can rename the active organization
Change Billing informationThe user can change the organization's billing information

EMMA Service

Access Smart ServiceThe user can access the EMMA Service
View dashboardsThe user can view existing dashboards
Create dashboardThe user can create a new dashboard
Create new widgetThe user can create a new widget within a dashboard
Delete dashboardThe user can delete an existing dashboard
Remove widgetThe user can delete a widget within a dashboard
Add/change metadata of a dashboardThe user can change metadata, such as title or description
View reportsThe user can access the Reports section
Create new virtual deviceThe user can create a new virtual device to be able to use it in dashboards
Export energy dataThe user can use the process for exporting the displayed data
Use widgetThe user can make various settings within a widget (e.g. change the date, devices or statistics)
Download reportThe user can download a report in the reports section.
Change settingsThe user can change various settings in the Reports section based on the dashboards used

Time Series Data Service

Access Smart ServiceThe user can access the Time Series Data Service
Show dashboardsThe user can access the dashboards in different dashboard groups
View device templateThe user can call up the device template in the Time Series Data Service
Create new dashboardThe user can create a new dashboard
Delete dashboardThe user can delete a dashboard
Create notification channelThe user can set up new notification channels
Delete notification channelThe user can delete existing Notification Channels
Edit notification channelThe user can change existing notification channels
Create alert rulesThe user can create a new alert rule within a dashboard
Edit alert rulesThe user can edit existing alert rules
Delete alert rulesThe user can remove existing alert rules.
Mark as favoriteThe user can mark an existing dashboard as a favorite
Change home dashboardThe user can change the Home Dashboard (this applies only to personal access to the Time Series Data Service)
Set individual PermissionsThe user can distribute individual permissions within the Time Series Data Service based on roles, users, dashboard groups, or individual dashboards

Impulse Analytics Service

Access Smart ServiceThe user can access the Impulse Analytics Service.
Show detail view of deviceThe user can open the devices in the Impulse Analytics Service and analyze the different statuses of the arresters
Show graph of surgeThe user can view the graphical representation of a lightning strike
Create status reportThe user can create and export a status report for a specific device.
Show JournalThe user can access the journal in the Impulse Analytics Service.
Edit notificationsThe user can set up notifications for specific users within the journal
Show Control APIThe user can access the Control API of the Impulse Analytic Service.
Generate new API tokenThe user can have a new API token generated.
Download surgesThe user can download data about individual surges as CSV
Configure arresterThe user can add and edit the arresters

Not at the moment. At the moment provides three different roles. In later releases of the User Management Service it will be possible to create custom roles with more granular permissions.

Visit the User Management Service in the left navigation and select the user whose role you want to change. Now click on “Change Role” to assign a new role to him.

Attention: Roles can only be changed by admins.

As a user with the Admin role, you can remove other users from your organization. To do this, visit User Management and find the user you want to remove. Then click the three-dot menu and click Remove user.

When you are removed from an organization, or you leave it yourself, there are two ways what happens – in both you lose the access to the data and devices of the organization you left.

If you are still a member of additional organizations, nothing will happen except that you will no longer have access to the devices and data of the organization you left.

If you are not a member of another organization, an “empty” organization is automatically created for you, in which you can continue to use You will no longer have access to the devices or data of the organization you left.

In an organization, over 100+ individual users can be invited – Currently, there are no limits on the number of people in an organization.

If you want to add more than 100+ user, please get in contact so we can improve the onboarding.

Currently there is no limit to the number of organizations you can create. If you have more than 10 organizations, please contact us so that we can optimize the process with you.

With resource-based access control, permissions to individual devices can be assigned granularly for individual users. For example, an admin can give a user (regardless of their role) access to one or more devices that can then be used in all Smart Services (based on their role).

RBAC (Resource Based Access Control) is automatically enabled for all users. As an admin of an organization, the settings in the User Management Service can be changed at user level.

At the time of RBAC implementation, all users are granted access to all devices, so nothing changes for existing users. Access rights to individual devices can then be removed again for individual users.

As an Admin you can add devices and also see all devices of your organization by default. For non-Admin users you can fine granualary adjust who has access to which device. It might be that your colleague is not an admin and has not got the permission to access the added device.

To do this, simply visit the User Management Service and assign the authorization for the device to your colleague.

Why can’t my colleague see the device I added to

In addition to the role, the user also needs the authorization to view and use individual devices (or all devices). In User Management, navigate to the invited user and assign the permissions there under the “devices” tab.