apps
latest
false
UiPath logo, featuring letters U and I in white

Apps User Guide

Automation CloudAutomation Cloud Public SectorAutomation Suite
Last updated Dec 13, 2024

Public Apps

Overview

Warning: In case of entities, it is recommended that you remove the Everyone Group to eliminate unintentional data access for public apps.

You can use UiPath® Apps to create apps that are available to users outside of Automation CloudTM.

This opens up new opportunities for your app, such as:

  • Creating a timesheet for external vendors.
  • Creating a form where users can submit their taxes reports and process them using Document Understanding.
  • Creating a form to reset a passwords or change the address.
  • Retrieve data from a legacy system.
  • Creating a form where users can submit feedback.
Warning: Public apps operate anonymously, without an authentication flow. As such, public apps do not support functionalities related to the status or data of the current user.

The following rate limits apply for public apps:

  • Number of GET requests allowed in a 5 minute period per IP: 1000
  • Number of POST requests allowed in a 5 minute period per IP: 1000
  • Number of GET requests allowed in a 5 minute period per Organization: 1000
  • Number of POST requests allowed in a 5 minute period per Organization: 15000

    All other HTTP methods have lower limits but with minimal impact as they are used occasionally.

Note: Because public apps are accessible to anyone with the URL, make sure that your app never collects or retrieves sensitive data such as Social Security Number, billing information, and so on.

Prerequisites

You need the Organization Admin role to create a public facing app.

Note:

Users on Enterprise license plans need Apps Units to create public apps.

Steps

Building the App

Use the following steps in UiPath® Apps to create and publish your external app:

  1. Go to the UiPath® Apps homepage and create a new app.
  2. In the app creation dialog, mark the Public App checkbox.


    Note:
    You can also make an existing app public from the Manage access tab.
    docs image
  3. Build your desired app.

  4. Publish the app.
  5. Deploy the app to an Orchestrator folder:

    1. Go to Automations > Apps.

    2. From the App dropdown, select the app to deploy.

    3. From the Version dropdown, select the specific app version you want to deploy.

    4. Optionally, enter a Display name or a Description for your app.

    5. Click Deploy.

    More details here ...

Note: A published public app contains public in the Production URL.


Note:
Public apps created using UiPath® Apps are displayed as external applications in the Admin > External Applications > OAuth Apps page. Identify these apps by the UiPath-Apps prefix.
docs image

Setting up the external app

To configure the public app as an external app:

  1. Assign the proper roles for your external app at both tenant and folder levels. To identify the desired app, look for the UiPath-Apps prefix, and create new roles with the following permissions:

    Resource

    Permissions to set at tenant level

    Permissions to set at folder level (*)

    Webhooks

    View, Create

    x

    Jobs

    x

    Create

    Storage files

    x

    View, Create

    Storage buckets

    x

    View

    Queues

    x

    View

    Transactions

    x

    Create

    (*) Folder roles must be assigned in the folder where the public app was deployed.
    docs image
  2. If you have Read rights for the Data Service component, public apps works by default with Data Service. If you need Write permission, the Data.Writer permission needs to be provided for the public app. For more information on Data Service components, check the Managing access page from the Data Service guide.
    Note: When using entities with public apps, make sure to provide only the relevant permissions in Data Service. A good way to do that is to create a specific role and provide specific permissions that are needed. Avoid using Read permissions for entities that have information that should not be exposed externally.
    Grant View and Edit permissions for an entity only if you are comfortable with all users of that app accessing the data in that entity.
  3. Add your external app to both a tenant and a folder.

Note: If you want to configure the scope for the external app, check the Accessing UiPath resources using external applications page from the Automation CloudTM guide.

To validate that your external app has the proper roles:

  1. Go to Orchestrator > Tenant > Manage Access.

  2. Identify your app in the list by searching after the UiPath-Apps prefix.
  3. For the desired app, click More Actions, then select Check roles & permissions.

  4. Unfold the roles to see and validate the assigned permissions.
    docs image

Best practices for using public apps

Public Apps is a powerful feature in UiPath® that allows customers to expose their automations to users outside their organization. To ensure the security, privacy, and optimal performance of these applications, it is essential to follow the best practices described below:

Dos

  • Review permissions and access controls: Take the time to carefully inspect the permissions and access controls for all the dependencies your Public App relies on.

  • Follow the Principle of Least Privilege (PoLP): Grant the minimum set of permissions required for your Public App to function correctly. This reduces the risk of unauthorized access and data breaches.

  • Validate user input: Implement proper input validation to safeguard your app from malicious data and ensure it processes information safely.

  • Perform security audits regularly: Periodically audit and update the access controls and permissions of your Public App to keep them in line with the security and privacy policies of your organization.

  • Provide clear instructions: Make user experience a priority by offering clear, concise, and helpful instructions on how to use your Public App effectively.

  • Implement error handling: Design your Public App to gracefully handle errors and protect sensitive data in case of unexpected issues.

  • Monitor activity: Regularly review anonymous user activity and performance of the app to identify potential security threats and facilitate incident response.

  • Follow secure coding practices: Adhere to established coding standards and best practices to minimize the risk of security vulnerabilities in your Public App.

Don'ts

  • Don't store sensitive data: Refrain from storing user sensitive information, such as social security numbers, billing details, or any other confidential data in Data Service.

  • Don't grant excessive access: Do not provide a Public App Read permission to an entity unless you want all app users to access all the data within it.

  • Don't solely rely on query filters: Using query filters with Data Service does not guarantee record-level security or privacy.

  • Don't expose sensitive information in error messages: Ensure that error messages never reveal sensitive data or provide hints that could be exploited by potential attackers. Keep error messages safe and generic.

  • Don't use hard-coded credentials: Avoid embedding sensitive credentials or API keys directly in the app code. Instead, opt for secure methods of storing and retrieving these values.

  • Don't neglect testing: Prior to deployment, thoroughly test your Public App for security vulnerabilities, functionality, and performance. Ensure that it meets the highest security standards to protect both your users and your application.

  • Overview
  • Prerequisites
  • Steps
  • Building the App
  • Setting up the external app
  • Best practices for using public apps
  • Dos
  • Don'ts

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.