BadIdentityTokenInvalid when OPC UA client connects to Zenon Skada opc Server

Question

Created OPC UA Client with C#. I'm using my Zenon Scada OPC UA SERVER. The server setting is set to authenticate with the Scada user ID. BadIdentityTokenInvalid error occurs even though the user ID and password are not wrong. If you use the Matrikon OPC Client, you can connect normally.

The client I created is connected normally with a certificate other than a user ID and password.

Do you know the solution?

this is error message " / Opc.Ua.ClientBase.ValidateResponse(ResponseHeader header)\r\n
/ Opc.Ua.SessionClient.ActivateSession(RequestHeader requestHeader, SignatureData clientSignature, SignedSoftwareCertificateCollection clientSoftwareCertificates, StringCollection localeIds, ExtensionObject userIdentityToken, SignatureData userTokenSignature, Byte[]& serverNonce, StatusCodeCollection& results, DiagnosticInfoCollection& diagnosticInfos)\r\n
/ Opc.Ua.Client.Session.Open(String sessionName, UInt32 sessionTimeout, IUserIdentity identity, IList1 preferredLocales, Boolean checkDomain)\r\n / Opc.Ua.Client.Session.Create(ApplicationConfiguration configuration, ConfiguredEndpoint endpoint, Boolean updateBeforeConnect, Boolean checkDomain, String sessionName, UInt32 sessionTimeout, IUserIdentity identity, IList1 preferredLocales)\r\n /

this is my code

private ApplicationConfiguration CreateOpcUaAppConfigurationbyNone() {

                var config = new ApplicationConfiguration()
                {
                    ApplicationName = "OPC UA Client",
                    ApplicationType = ApplicationType.ClientAndServer,
                    SecurityConfiguration = new SecurityConfiguration
                    {
                        ApplicationCertificate = new CertificateIdentifier(),
                        AutoAcceptUntrustedCertificates = true,
                    },
                    ClientConfiguration = new ClientConfiguration { DefaultSessionTimeout = 60000 },

                };

                config.Validate(ApplicationType.Client);

                if (config.SecurityConfiguration.AutoAcceptUntrustedCertificates)
                { 
                    config.CertificateValidator.CertificateValidation += (s, e) =>
                    {
                        e.Accept = (e.Error.StatusCode == StatusCodes.BadCertificateUntrusted);
                    };
                }

                return config;
            }




                endpointUrl = _tagGroup.HostIp.Replace(" ", string.Empty);
                userId = _tagGroup.SysUser.Replace(" ", string.Empty);
                passWord = _tagGroup.SysPassword.Replace(" ", string.Empty);

                if(userId == "")
                {
                    userIdentity = new UserIdentity(new AnonymousIdentityToken());
                }
                else
                {
                    userIdentity = new UserIdentity(userId, passWord);
                }

                if (_tagGroup.OpcCertType == "N")
                {
                    config = CreateOpcUaAppConfigurationbyNone();

                    var endconf = new ConfiguredEndpoint(null, new EndpointDescription(endpointUrl));
                    session = Session.Create(config, endconf, true, "abc", 60000, userIdentity, null);
                }

The client I created is connected normally with a certificate other than a user ID and password.