- Before You Begin
- Getting Started
- How To
- Designing your App
- Events and Rules
- Function: And, Or, Not
- Function: Concat
- Function: Contains
- Function: Count
- Function: EndsWith
- Function: If
- Function: IsBlank
- Function: Length
- Function: List
- Function: StartsWith
- Function: Sum
- Function: Sort
- Function: Now
- Function: Today
- Function: Time
- Function: Year
- Function: Month
- Function: Day
- Function: Hour
- Function: Minute
- Leveraging RPA in your App
- Application Lifecycle Management (ALM)
- Basic Troubleshooting Guide
Apps User Guide for Automation Suite
Orchestrator Permissions
In order to create apps and trigger robots at app runtime, users are required to have a minimum set of permissions to access processes from Orchestrator. This page describes the minimum permissions required for common personas and scenarios. For specific setup instructions, check out Orchestrator's documentation on Managing Roles.
Common Approaches to managing Orchestrator Permissions for UiPath Apps:
- Grant "Admin" Rights - Assigning admin rights to everyone in your Automation Cloud Account is a quick and easy way for all users to experiment with the full capabilities of Automation Cloud, but it is not recommended for production deployment.
- Modify Orchestrator's Default Roles - The simplest way to provide the correct permissions to App Authors and App Users is to assign additional permissions to the roles that are provided out-of-the box.
- Create New Roles - Create Tenant and Folder level Roles for App Authors and App Users. This allows the most control, but requires more orchestration overhead.
Check out the Orchestrator Documentation to learn more about how to manage access control for your organization's security and governance requirements.
This section contains the minimum permissions required to author apps.
Define a user's access to resources at the tenant level.
Machines:View
- (Recommended) Used to get the machine key for setting up the robot. You also needMachines: Create
if you have to create a new machineRobots:Create
- (Recommended) Used to create a robot ( In case of Classic folders). For modern folders, this is not requiredFolders:Edit
- (Recommended) Used to add app users to respective folders so that the app users can run the processesUsers:View
- (Recommended) Used to identify whether the relevant permissions are available for the respective users to whom we are sharing the app in OrchestratorWebhooks: View, Create
: Used by App to start and retrieve results in case of unattended process run during preview
In order to import a process from orchestrator in App Studio, the user must have the following folder-level permissions on any folders that contain processes to be used by Apps.
Jobs:View
- Used to get the properties of complex objects (.Net objects/data table) by looking at last successful job runJobs:Create
- Used to run processes during previewProcesses:View
- Used to access the processes in a folder
Processes:View
- The app runtime user should have access to the processes in the corresponding folder used in App.Jobs:Create
- Used to run processes during preview- The user must also have a licensed Robot (with the JavaScript Robot Add-On enabled) on their desktop.
In order for users to trigger unattended automation at app runtime, a minimum of the following permissions are required:
Define a user's access to resources at the tenant level.
Webhooks: View, Create
: Used by App to start and retrieve results from the process run
Define the user's access and ability within each folder they are assigned to.
-
Jobs: Create
- Used to start unattended jobs from Apps
Webhooks are required for Unattended automation
Webhook:Create
permissions at the tenant level, unattended jobs will not start at app runtime.