Action Center
2021.10
false
Action Center
Automation CloudAutomation Cloud Public SectorAutomation SuiteStandalone
Last updated May 21, 2024

Roles and Permissions

Actions roles and permissions are set from Orchestrator.

Robot Role

In order for the Robot to generate an action, upload, download, and delete data from a storage bucket, it needs the appropriate permissions. Make sure the Robot role has been granted the following:

To create an action:

  • View,Edit,Create on Actions

To upload document data:

  • View,Edit,Create on Storage Files
  • View on Storage Buckets

To delete document data after downloading:

  • View,Edit,Delete on Storage Files
  • View on Storage Buckets

Custom Roles - Actions

Note: The Create permission on Action Assignments enables the Manage Actions view on the actions panel, which facilitates the management of all actions in the corresponding Orchestrator folder. To view and manage only the actions assigned to yourself, switch to the My Actions view.

We recommend defining the following roles for handling actions:

Document validation admin

As a validation admin, you see all the generated document validation actions and assign them to users on the Manage Actions page.

The following permissions are required:

  • View,Edit on Actions
  • View,Edit,Create,Delete on Storage Files
  • View on Storage Buckets
  • View,Edit,Create on Action Assignments
  • View,Edit,Create on Action Catalogs



Document validation user

As a validation user, you see all the form and document validation actions assigned to yourself and validate them on the My Actions page.

The following permissions are required:

  • View,Edit on Actions
  • View,Edit,Create on Storage Files
  • View on Storage Buckets
  • View,Edit on Action Assignments



Document classification admin

As a classification admin, you see all the generated document classification actions and assign them to users on the Manage Actions page.

The following permissions are required:

  • View,Edit on Actions
  • View,Edit,Create,Delete on Storage Files
  • View on Storage Buckets
  • View,Edit,Create on Action Assignments
  • View,Edit,Create on Action Catalogs



Document classification user

As a classification user, you see all the form and document classification actions assigned to yourself and edit them on the My Actions page.

The following permissions are required:

  • View,Edit on Actions
  • View,Edit,Create on Storage Files
  • View on Storage Buckets
  • View,Edit on Action Assignments



Action admin user

As an action admin, you see all the generated form actions and assign them to users on the Manage Actions page.

The following permissions are required:

  • View,Create on Action Assignment
  • View,Edit,Create on Action Catalogs
  • View,Edit,Create,Delete on Actions



Action user

As an action user, you see all the form actions assigned to yourself and edit them on the My Actions page.

The following permissions are required:

  • View,Edit,Create on Actions



Technical user

As a technical user, you handle external actions.

The following permissions are required:

  • Edit on Actions

Custom Roles - Processes

We recommend defining the following roles for handling processes:

Queue process user

As a queue process user, you can Generating Forms to Provide Inputs to a Queue

The following permissions are required:

  • View on Queues
  • View,Edit,Delete on Transactions



Job process user

As a job process user, you can generate forms to provide inputs to a job.

The following permissions are required:

  • View on Processes
  • View,Edit,Delete on Jobs



    Note:

    To trigger a process through file upload, you need the following permissions:

    • View,Edit, Create on Storage Files

Known Limitations

  1. When the Azure AD integration is enabled, you cannot assign tasks to users in Action Center if they haven't signed in using their AD account. The same behavior occurs for local user groups , when the users haven't signed in using their local user account.

    Workaround: Consider asking your users to sign in after their accounts have been created, using either their AD or local user account. Alternatively, you can continue to assign tasks to the user's UiPath account. But then organization administrators should delay the task of discontinuing UiPath account use until the issue is resolved.

  2. In the case of folders that have permissions set for DirectoryGroup, all Azure AD users appear in the Assign To User drop-down list, even if they don't have permissions for the specified folder. Even if users without the appropriate permissions show up in the Assign To User drop-down list, you can't assign Actions to them. This behavior is a user interface issue only, caused by an API that returns all Azure AD users, regardless of their folder permissions.

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.