orchestrator
2021.10
false
- Getting Started
- Authentication
- Swagger Definition
- Orchestrator APIs
- Alerts Requests
- Assets Requests
- Calendars Requests
- Environments Requests
- Folders Requests
- Generic Tasks Requests
- Jobs Requests
- Libraries Requests
- License Requests
- Packages Requests
- Permissions Requests
- Processes Requests
- Robots Requests
- Roles Requests
- Schedules Requests
- Settings Requests
- Tasks Requests
- Task Catalogs Requests
- Task Forms Requests
- Tenants Requests
- Transactions Requests
- Users Requests
- Webhooks Requests
- Platform Management APIs
Authenticating
OUT OF SUPPORT
Orchestrator API Guide
Last updated Oct 31, 2024
Authenticating
API Authentication ensures only authorized parties can interact with the available resources and perform necessary actions. UiPath offers multiple methods of authentication for different scenarios.
Important: We support authentication through ROPC for backwards compatibility for Orchestrator instances that have been migrated from
standalone to Automation Suite deployments.Only Host administrators should authenticate using the /api/account/authenticate/ endpoint.Business users should authenticate using External Applications.
The resource owner password credentials authentication method is tenant scoped, therefore external application won't be able
to authenticate using this method, as an external app cannot be created at tenant level.
If you are using Swagger to try our API, just log in to your Orchestrator instance in a separate tab.
The Orchestrator API Swagger definition can be accessed by adding the
/swagger/ui/index#/
suffix to your Orchestrator URL. For example, https://{yourDomain}
/swagger/ui/index#/
.
Note: The Swagger authentication expires according to the parameters set in your Orchestrator instance. By default, it is set to
30 minutes. You can change it by modifying the value of the
Auth.Cookie.Expire
parameter, in the Web.config
file.
Important:
API access with Windows Auto-logon (NTLM authentication) has been removed, as indicated in the deprecation timeline.
We recommend that you use the OAuth flow instead, which requires registering external applications in Orchestrator.
If the external application is already registered, refer to .