- Getting started
- Best practices
- Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- SmartCard Authentication
- Audit
- Deployment Tab
- Robot Security Tab
- Scalability Tab
- Resource Catalog Service
- Folders Context
- Automations
- Processes
- Jobs
- Triggers
- Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Test Suite - Orchestrator
- Other Configurations
- Integrations
- Classic Robots
- Host administration
- Organization administration
- Troubleshooting
Robot Security Tab
Field |
Description |
---|---|
Total hours a robot can run offline without license verification |
Specify the number of hours a Robot can run offline, without Orchestrator checking its license. By default, it is set to 0. The maximum accepted value is 168 hours. This setting does not apply to Studio. |
Field |
Description |
---|---|
Attended robot authentication |
Interactive Sign-in SSO (Recommended) - This option only allows for robot connections with tokens that expire. Users can authenticate their robots only by signing-in with their credentials in the Assistant. User sign in is required to run attended robots, make Orchestrator HTTP requests, or view processes in the Assistant. When using interactive sing-in, there is no need to create machine objects in Orchestrator. Hybrid - This option allows for both connections with tokens that don't expire (machine key) and connections with tokens that expire (interactive sign-in or client credentials). Users have the option to sign-in with their credentials to authenticate their robots, which in turn allows them to connect Studio and the Assistant to Orchestrator, however it is not mandatory. |
Unattended robot authentication |
Client credentials (Recommended) - This option only allows for connections with tokens that expire. It uses the OAuth 2.0 framework as the basis for the authentication protocol, meaning unattended robots can connect to Orchestrator with a client ID - client secret pair generated via machine template objects. The client ID - client secret pair generates a token that authorizes the connection between the robot and Orchestrator and provides the robot with access to Orchestrator resources. Hybrid - This option allows for both connections with tokens that don't expire (machine key) and connections with tokens that expire (client credentials). |