automation-hub
latest
false
Automation Hub User Guide
Automation CloudAutomation Cloud Public SectorAutomation Suite
Last updated Sep 9, 2024

Azure Active Directory Integration

The Azure Active Directory (AAD) integration enables you to connect your Automation Cloud account directly to an Azure Active Directory tenant, thus seamlessly integrating Automation Cloud capabilities with your existing IT user management infrastructure.

Some of the key benefits include:

  • Automatic user onboarding;
  • Simplified sign in experience;
  • Usage of the organization-specific URL for direct SSO with Azure AD tenant;
  • Enhanced permission and automation management through groups;
  • Permission management based on directory groups: Security and/or M365
  • Audit permissions assigned to the appropriate groups from Automation Cloud.

    Note: If you choose to enable the AAD integration for your Automation Hub tenant the user management procedure slightly changes.

Enable the AAD Integration for an Automation Cloud Account

In order to enable the Azure Active Directory for your Automation Cloud account, please follow the steps described in this tutorial.

Note: Once the setup is done on Automation Cloud, you will be able to leverage the AAD integration on all available services in your cloud account, including Automation Hub.

Add Users

The procedure to add users is the same as the one described in the Adding Individual Users page still the below changes occur:

  • When adding a user, the search functionality from the Add User form searches for users from both Automation Cloud and the AAD instance connected with Automation Cloud.
  • You will notice that the e-mail field has the "Search Directory" info text inside - which indicates that the search will be performed in both the Automation Cloud local directory and the AAD connected directory.

    Note: Upload CSV is no longer available once the Azure Active Directory is enabled for your Automation Cloud account.

Searching for Users From the Directory

  • When starting to type in the E-mail field from the Add User menu, the application will automatically start to query the users that exist in Automation Cloud or in the connected AAD and we can have the following situations:

    a. User is found in AAD Directory.

    This will display the results with a special icon next to it that will indicate that the user was found in the Active Directory.

    b. User is found in the Automation Cloud user directory. This will display the results with a special icon next to it that will indicate that the user was found in the Automation Cloud Directory.

    c. User is not found in either directories In this case, the results dropdown will not be shown anymore external users cannot be added when the AAD connection is active.

  • Please keep in mind that the first and last name, Job Title, City, Department are automatically imported from Automation Cloud or from the Azure Active Directory.
  • The first and last name can be manually edited on Automation Hub level as well as the other components of the User Profile (Job Title, City, Business Unit, Department).

View Users

When the Azure Active Directory is connected, the following information is available for each user entry:

  • First Name, Last name, Job Title, City, Department
  • Roles - the system roles that are directly assignable to the customer
  • Collaborator roles - the collaborator roles that are directly assignable to the customer
  • Group info - the AD groups and Automation Cloud groups that the user belong to
  • Group roles - the system roles that are inherited based on the groups that the user belongs to

Edit User

When the Azure Active Directory is connected, the user will be able to edit the following items related to the user:

  • First Name
  • Last Name
  • Job Title
  • City
  • Business Unit
  • Department
  • Roles
  • Collaborator Roles

    Important: The user bulk upload functionality is completely disabled once the AD integration is enabled.

Add Groups

The procedure to add Groups is the same as the one described in the Managing Groups page still the below changes occur:

  • When adding a group the search functionality from the Add Group form searches for groups from both Automation Cloud and the AAD instance connected with Automation Cloud.
  • Each group type is marked with a different icon to differentiate its source.





Searching for Groups From the Directory

  • When starting to type in the Group Name field from the Add Group menu, the application will automatically start to query the groups that exist in Automation Cloud or in the connected AAD and we can have the following situations:

    a. Group is found in AAD Directory.

    This will display the results with a special icon next to it that will indicate that the group was found in the Active Directory.

    b. Group is found in the Automation Cloud groups directory. This will display the results with a special icon next to it that will indicate that the group was found in the Automation Cloud Directory.

    c. Group is not found in either directories In this case, the results dropdown will show an error message stating that no group was found using the given search text.

After assigning the Roles and clicking Save the group's users are able to access the Automation Hub tenant they were added to.

If an AAD group is imported directly to Automation Hub the following observations apply:

  • the AAD group is mapped to an existing role from Automation Hub;
  • all the users that are part of the AAD group receive access to the Automation Hub instance from the Automation Cloud platform and they are added to the Everyone group from Automation Cloud.
  • the users can access Automation Cloud still they can only view the option for the specific instance of Automation Hub where they were added.

Viewing Groups

  • In the Groups menu, each group entry will have next to it a different icon, based on the source where the group was imported (Automation Cloud or AAD)



  • If a group is deleted from either Automation Cloud or AAD, then Automation Hub will show a distinctive warning icon next to that group
  • In this case, the group should be either deleted manually from Automation Hub
  • Automation Hub will not automatically delete the group entry from the list, it will only detect it and warn the user that an action is needed



Editing Groups

Editing a group can be done by simply clicking on the group item, which will automatically open the right side editing menu.

The following items can be edited from a group entry:

  • Description
  • Roles
  • Collaborators Roles

Deleting Groups

  • Deleting a group can be done from a the right side edit panel
  • The delete option can be found in the lower part of the screen
  • Deleting the group will just remove the group from Automation Hub and will not delete it from Automation Cloud or Azure Active Directory
  • By deleting the group, all the users that were part of the group will lose access to Automation Hub if they are not included in other groups or if they are manually added as users in the platform.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.