Trust

Trusts enable the sharing of users, their credentials and access permissions across different Miniservers.
The transfer of users and their data is TLS encrypted, and the Loxone services Remote Connect and Cloud DNS are also supported for data exchange over the Internet.

This feature is useful for granting employees access to different office location, or to use the same login credentials at the weekend home as at home.

Trusts require the current Miniserver, the Miniserver Gen. 1 is not supported!

Table of Contents


Basic Configuration

First, a new Trust must be created. To do this, connect to the Miniserver that is going to be the manager for this Trust. The Trust and its members are managed on this Miniserver.

Create Trust and Members

First, click on the Trusts item in the periphery tree of Loxone Config, then click on "Create Trust" in the menu bar at the top:

This will create a Trust with the currently connected Miniserver already set as Trust Manager.

Next, a Miniserver is added to the Trust as a Trust member. To do this, click on the newly created Trust and select "Add new Member" from the menu bar:

Now, enter the serial number of the member in the properties:

Since the created member has not yet joined the Trust, its name is not known and the serial number is used instead.
Other Miniserver can be created as members in the same manner.

Generate Trust Key

In the next step a Trust Key has to be generated to allow the members to join the Trust.
First click on the Trust in the periphery tree of Loxone Config, then click on "Generate Trust Key" in the menu bar at the top:

A key file is created, which can be saved to the PC. This key file can be sent to the administrator of the member Miniserver (e.g. by email), allowing it to join the Trust.

As the final step, the program must be saved to the Miniserver.

Join Trust

The member Miniserver created earlier can now join the Trust.
To do so, connect to the member Miniserver, and have the key file at hand.

First, click on the Trusts item in the periphery tree of Loxone Config, then click on "Join Trust" in the menu bar at the top.

Selecting the key file from the file manager and click on "Join Trust":

Then the connection is checked and the member Miniserver joins the Trust.
Finally, the program must be saved to the member Miniserver.

In the same way, additional Miniserver can be added to the Trust, provided they have been created as members on the Trust Manager.

Finalize Setup

Members that join the Trust send information including their name to the Trust's Manager Miniserver.
Therefore, to complete the setup, it is necessary to load once from the Manager Miniserver so that the information about the joined Miniserver is included in the document.

Once this is done, the members and their names will be displayed correctly on the managing Miniserver, and the Trust is ready for use.

If external access has been set up manually, it is required to use an HTTPS port and also to set up port forwarding to this port. Otherwise, no connection via the Internet is possible.

Manage Users

After setting up a Trust, the users and user groups of the member Miniservers can now be used across all Miniservers.

To transfer the users of another Miniserver, first click on the Trust in the periphery tree, then click on "Manage Users and Groups" in the menu bar at the top.
The following window opens:

In the above example, the users and groups of the other Miniserver of the Trust are listed on the left, but not our own.
By selecting users or groups, and clicking on the arrow pointing right, they will be added to the Miniserver or document we are currently connected to.
When we add a group, the members of that group are automatically added as well.

The added users and groups are then displayed in the periphery tree of Loxone Config as well as in the Trust. The name of the Miniserver that a user or group originates form is also indicated. In addition, the users and groups of a Trust are marked by a different symbol:

Users are transferred along with their passwords and authentications such as NFC tags, access codes or iButtons.

However, user and group rights are not transferred, as they are specific to the Miniserver from which the users originate.
Therefore, rights must still be assigned to newly added users or groups.

These include the right to access the user interface, and the right for authorization blocks to allow users or groups to access a building.

Using the User and Rights Management, the added users of a Trust can be managed in the same way as the local users, and rights can be assigned:

As the final step, the program must be saved to the Miniserver.

If a user of a Trust changes their password, e.g. in the App, it will be updated across all Miniserver.
Users of a Trust can also be added, removed, and managed within the App: