activities
latest
false
Classic Integrations Activities
Last updated Nov 8, 2024

Credential Management

Overview

Each integration activity package includes a unique scope activity that's used to establish or facilitate an authenticated connection to the integrated software application.

The behavior and input properties of a scope activity are dependent on the application's authentication requirements. Because of this dependency, scope activities may not have the same user experience or input properties. But, they do share the same underlying objective to collect user credentials.

How you store and collect user credentials is dependent on your company's credential management policies (e.g., how to handle passwords). One way that you can securely store and collect your user credentials is through the use of Orchestrator Credential Assets.

Tip: Before you begin using Credential Assets to manage your user credentials, you should consult with your IT department and review your company's credential management policies.

Credential Assets

Credential Assets enable the design, development, and running of automation projects without exposing credential values in the Studio Designer or in the project XAML file. Each Credential Asset is encrypted with the Advanced Encryption Standard (AES) 256 algorithm and stored on your Orchestrator instance (on-premise or cloud).

The following steps and message sequence diagram is an example of how Credential Assets work from design time to run time.

  1. Create a Credential Asset in your Orchestrator Tenant.

    • It's a long way of saying "Each Credential contains a username (String) and password (SecureString). Note that these fields, despite their names, can be used for other kinds of credentials (e.g. ClientID and ClientSecret)."
    • Each Credential Asset contains a unique Asset Name and two input properties. The Asset Name is used to identify the asset and the input properties are used to store a non-secure credential (String) and a complementary secure credential (SecureString).
    • Access to a Credential Asset is managed via the Orchestrator Tenant settings and roles.
  2. In your automation project, add a activity for each Credential Asset that you want to retrieve (e.g., if the scope requires two SecureString input values, you add two Get Credential activities).
    • Enter the Asset Name that you want to retrieve in the activity's input property.
    • Create and enter a String variable (e.g., username) and a SecureString variable (e.g., password) for the activity's output properties.
      Note: The Username and Password property names don't necessarily reflect the credentials you can store as an asset. Because your credentials may not actually be a username and/or password (e.g., maybe you have a TokenId and TokenSecret), you can use the Username property as a String input (e.g., TokenId) and the Password property as a SecureString input (e.g., TokenSecret).
  3. Add the integration activity package scope activity after the Get Credential activity.

    * In the input properties (e.g., Username and Password), enter the applicable variables that you created for the Get Credential activity.

  4. Run the project.

    • The robot retrieves the specified Credential Asset from the Orchestrator Tenant and enters the retrieved values into the scope activity.
    • The scope activity is then used to facilitate or establish an authenticated connection to the integrated software application.



      To create a new Credential Asset, complete the steps described here.

Other methods

UiPath also supports other other credential management methods. These methods are dependent on 3rd party technologies that may require an account to use.

Method

Description

Dependency

The Credentials Activities Pack contains activities that work with Windows Credential Manager, enabling the adding and deleting of credentials for specific Microsoft authentication packages, such as NTLM, Kerberos, Negotiate, Schannel, or Passport.

A credential store is a named location within a secure store, such as CyberArk, from which you can retrieve Robot credentials and credential Assets when needed. Orchestrator supports the use of multiple credential stores at tenant level, provides built-in support for CyberArk and Azure Key Vault, and the architecture enabling you to develop a plugin for other secure stores, if desired.

Beyond the secure stores with built-in support in Orchestrator (e.g. CyberArk, Key Vault), Orchestrator architecture supports the functionality of loading third-party or developing custom plugins, enabling you to use any desired credential store.

Varies

  • Overview
  • Credential Assets
  • Other methods

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.