Skip to main content

Connect and authorize a Runtime target

When to use this guide

Use this guide before deploying, running, or debugging an app on another industrial PC, edge device, or RuntimeHost.

A Runtime target account controls access to the target machine. It is separate from the editor's Qixin sign-in and from operator accounts inside an individual app.

Before you start

  • Obtain the target origin. For remote management, use a complete https:// origin.
  • Confirm that the desktop computer can reach the target network and RuntimeHost.
  • Have either a target account bound to the current Qixin sign-in or a local target username and password.
  • For first-time setup, decide who will own the first Admin account and its recovery process.
warning

Deploy, Debug, Stop, license changes, and account management on a remote RuntimeHost require a secure connection. An HTTP remote target can be checked for reachability, but it cannot establish a protected management connection.

Steps

  1. In the editor toolbar, select the Runtime target control next to Build. You can also select the current target in the Runtime section of System Settings.
  2. In Manage Runtime Targets, select Add target.
  3. Enter a name and Origin. Do not include /api; when the name is empty, Theseus uses the host.
  4. Select Save.
  5. On the target row, select Check. Confirm that the row says Reachable, and verify that the reported RID matches the target machine.
  6. Select Connect.
  7. Complete authorization according to the target state:
    • New target: choose Initialize with current login, or enter a target username and password and select Create administrator.
    • Initialized target with a bound Qixin sign-in: choose Connect with current login.
    • Otherwise: enter a local account stored on the target and select Sign in with target account.
  8. After authorization, Theseus selects the target and reloads the editor.
  9. Reopen the target control and verify the target name, origin, and signed-in role. Continue with Build, Start, or Debug from the desktop editor only when signed in as an Admin.

A User can enter the runtime surface and start an app that is already deployed. Start and Debug in the desktop editor build and upload the current project, so they require an Admin, as do deployment, Materialize, Stop, license writes, and account management.

What success looks like

  • The target row shows Selected, Reachable, and a signed-in account.
  • The row shows the correct Admin or User role and the expected target RID.
  • The target name in the editor toolbar is the machine you intend to operate.
  • When an Admin uses Start or Debug from the desktop editor, the project is delivered to that target, and runtime state and online device feedback come from it.
  • When a User starts an already-deployed app from the runtime surface, no desktop project is uploaded.

Common issues

The target is Unreachable

Check the origin, port, network, DNS, firewall, and whether RuntimeHost is running. Fix reachability before troubleshooting accounts.

The target is reachable but says HTTPS required

Change it to a trusted HTTPS origin or establish a secure tunnel. Do not disable certificate checks to bypass site-security requirements.

Connect with current login does not work

The Qixin sign-in must be bound to an account on that target. Use a local target account, or ask a target Admin to create the binding in User Management.

The runtime can start an app, but the desktop editor cannot Start or Debug

The current target account may be a User. A User can start an already-deployed app; desktop Start, Debug, deployment, and Stop require an Admin account.

The app is missing after switching targets

Switching targets does not automatically put the local editor project on the remote host. The first desktop Start, Debug, or deploy operation must use Admin access to deliver the app to that target.

How AI can help

AI can inspect target-platform build failures, app configuration, and pre-deploy risks. For example:

The current target is Linux ARM64. Inspect whether this app's build and module configuration fit that target. Do not deploy. List the site conditions a person must confirm and the checks to run.

AI should not enter passwords, choose a target origin, accept certificate risk, or decide which production target to use.

What a person must confirm

  • Whether the target is a test or production machine, and whether its name, origin, and RID agree.
  • Whether the HTTPS certificate and network path meet site-security requirements.
  • Whether the signed-in account has only the permissions required for the task.
  • Whether production conditions permit Deploy, Stop, license changes, or user management.