Robot Security Tab

Security

Field	Description
Total hours a robot can run offline without license verification	Specify the number of hours a Robot can run offline, without Orchestrator checking its license. By default, it is set to 0. The maximum accepted value is 168 hours. This setting does not apply to Studio.

Robot Authentication

Field	Description
Attended robot authentication	Interactive Sign-in SSO (Recommended) - This option only allows for robot connections with tokens that expire. Users can authenticate their robots only by signing-in with their credentials in the Assistant. User sign in is required to run attended robots, make Orchestrator HTTP requests, or view processes in the Assistant. When using interactive sing-in, there is no need to create machine objects in Orchestrator. Hybrid - This option allows for both connections with tokens that don't expire (machine key) and connections with tokens that expire (interactive sign-in or client credentials). Users have the option to sign-in with their credentials to authenticate their robots, which in turn allows them to connect Studio and the Assistant to Orchestrator, however it is not mandatory.
Unattended robot authentication	Client credentials (Recommended) - This option only allows for connections with tokens that expire. It uses the OAuth 2.0 framework as the basis for the authentication protocol, meaning unattended robots can connect to Orchestrator with a client ID - client secret pair generated via machine template objects. The client ID - client secret pair generates a token that authorizes the connection between the robot and Orchestrator and provides the robot with access to Orchestrator resources. Hybrid - This option allows for both connections with tokens that don't expire (machine key) and connections with tokens that expire (client credentials).

Field

Description

Attended robot authentication

Interactive Sign-in SSO (Recommended) - This option only allows for robot connections with tokens that expire. Users can authenticate their robots only by signing-in with their credentials in the Assistant.

User sign in is required to run attended robots, make Orchestrator HTTP requests, or view processes in the Assistant. When using interactive sing-in, there is no need to create machine objects in Orchestrator.

Hybrid - This option allows for both connections with tokens that don't expire (machine key) and connections with tokens that expire (interactive sign-in or client credentials). Users have the option to sign-in with their credentials to authenticate their robots, which in turn allows them to connect Studio and the Assistant to Orchestrator, however it is not mandatory.

Unattended robot authentication

Client credentials (Recommended) - This option only allows for connections with tokens that expire. It uses the OAuth 2.0 framework as the basis for the authentication protocol, meaning unattended robots can connect to Orchestrator with a client ID - client secret pair generated via machine template objects. The client ID - client secret pair generates a token that authorizes the connection between the robot and Orchestrator and provides the robot with access to Orchestrator resources.

Hybrid - This option allows for both connections with tokens that don't expire (machine key) and connections with tokens that expire (client credentials).

On this page

Security
Robot Authentication

Was this page helpful?

PREVIOUSDeployment Tab

NEXTScalability Tab

Support and Services

Get The Help You Need

UiPath Academy

Learning RPA - Automation Courses

UiPath Forum

UiPath Community Forum

Trust and Security

Cookies Policy