Access EHmiLevel status in PLC logic (PLCnext eHMI)

PLCnext Engineer
1

Hello,

I am using PLCnext Engineer with the integrated HMI Webserver (eHMI).

Setup:

  • I have configured HMI users with roles EHmiLevel1 … EHmiLevel10

  • One user has EHmiLevel = 5 (Service)

  • When this user is logged in, access to a protected HMI page works correctly
    (Access / Visibility via ANY user level(s) ≥ 5)

PLC logic: In the PLC program I have a BOOL variable: Is_Service

If Is_Service = TRUE, the plant switches from automatic mode to manual mode
(e.g. actuators are no longer allowed to move automatically).

Requirement: I want the HMI tag / PLC variable Is_Service to be TRUE as long as at least one user with EHmiLevel ≥ 5 is logged in, and FALSE otherwise.

This should work:

  • without user interaction (no button click)

  • in the background

  • independent of the HMI client

  • including logout from another client

  • including automatic logout after session timeout (e.g. 20 minutes)

What I found so far:

  • EHmiLevel (e.g. EHmiLevel5) is available for HMI access rules, but
    it does not exist as a tag or system variable that can be used in PLC code.

  • I can set Is_Service := TRUE when opening the protected page and reset it on logout, but this solution fails if:

    • another HMI client logs out

    • the user is logged out automatically by timeout

Question: Is there any recommended or supported way in PLCnext Engineer / eHMI to:

  • link the current HMI user level (EHmiLevel ≥ 5)

  • to a PLC variable like Is_Service

  • centrally and client-independent?

Any best practice or official workaround would be highly appreciated.

Thank you!

2

Hello faster123,

PLCnext Engineer and the integrated eHMI do not offer any built‑in or supported way for the PLC program to read which HMI user is logged in or what EHmiLevel that user has. The role system is evaluated exclusively inside the eHMI webserver, and this information is not exposed as a PLC variable or HMI tag. Because of this architecture, the PLC cannot detect whether a user with a certain role is logged in.

Any attempt to set a PLC variable based on page access will always be incomplete, because events such as logout on another device, closing the browser, or automatic session timeout are not forwarded to the PLC. The PLC runtime has no mechanism to receive such information.

The only technical possibility to monitor user sessions is the REST interface of the eHMI webserver. When the REST option is enabled, it exposes endpoints that allow external code to query session information. This interface does not provide ready‑made logic and does not automatically map roles to PLC variables. It only exposes the necessary communication endpoints. A custom program outside PLCnext Engineer would be required to query the REST endpoints and then write an appropriate PLC variable. This is always a customer‑specific solution and not a built‑in feature of the system.

We will forward this topic internally, since the requirement to make HMI user information accessible inside the PLC is known and repeatedly requested.

1 Like