orchestrator
2020.10
false
OUT OF SUPPORT
Orchestrator User Guide
Automation CloudAutomation Cloud Public SectorAutomation SuiteStandalone
Last updated Dec 12, 2023

Google Authentication

Configure Google to Recognize a New Orchestrator Instance

Note: The below steps are valid for Google SSO setup. Please note that the below procedure is a broad description of a sample configuration. For a fully detailed how-to, visit the official Google Documentation.

If you do not have the necessary permissions, address to your system administrator in this regard. Make sure that the following service details are set into place:

  1. The service must be set as ON for everyone.


  2. The following mappings must be provided for Orchestrator attributes on the Attribute Mapping window:
    • http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
    • http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn



  3. The following details must be provided on the Service Provider window:
    • https://cloud.uipath.com/identity/Saml2/Acs as the ACS URL
    • https://cloud.uipath.com/identity as the Entity ID

Set Orchestrator/Identity Server to Use Google Authentication

  1. Define a user in Orchestrator and have a valid email address set on the Users page.
  2. Import the signing certificate provided by the Identity Provider to the Windows certificate store using Microsoft Management Console. See here how to do that.
  3. Make sure that the following configuration is present in Identity Server's Saml2 settings within External Providers page (read here how to access Identity Server):
    • Select the Enabled checkbox.
    • Set the Service Provider Entity ID parameter to https://cloud.uipath.com/identity.
    • Set the Identity Provider Entity ID parameter to the value obtained by configuring Google authentication.
    • Set the Single Sign-On Service URL parameter to the value obtained by configuring Google authentication.
    • Select the Allow unsolicited authentication response checkbox.
    • Set the Return URL parameter to https://cloud.uipath.com/identity/externalidentity/saml2redirectcallback.
    • Set the External user mapping strategy parameter to By user e-mail.
    • Set the SAML binding type parameter to HTTP redirect.
    • In the Signing Certificate section, set Store name parameter to My from the drop-box.
    • Set the Store locationparameter to LocalMachine.
    • Set the Thumbprint parameter to the thumbprint value provided in the Windows certificate store. Details here.



      Note:
      Replace all occurrences of https://cloud.uipath.com/identity with the URL of your Orchestrator instance.
      Make sure that the URL of the Orchestrator instance does not contain a trailing slash. Always fill it in as https://cloud.uipath.com/identity, not https://cloud.uipath.com//identity/.
  4. Click Save to save the changes to the external identity provider settings.
  5. Restart the IIS server after performing any configuration changes within Identity Server.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.