- Release Notes
March 2021
If you are using the invitation-based model for adding users to your organization, you can now choose to only allow sign in using a preferred provider out of Microsoft or Google.
With this option selected, users can only see the option you choose to sign in. For example:
The new options are available to organization administrators under Admin > Users and Groups > Authentication Settings.
For more information and instructions, see About Users.
Your non-UiPath applications (we call these external applications) can now use the OAuth 2.0 authorization framework to access your UiPath resources over API. Now you can share access without also sharing credentials.
Available APIs: In this release, we are introducing OAuth support for the following resources:
To allow external applications to obtain authorization using OAuth, organization administrators must register them in Automation Cloud and define the scopes they can access.
Documentation
You can read more in About Sharing UiPath Resources.
Also see the:
- Instructions for Org. Admins: Managing External Applications
- Instructions for Developers: Accessing UiPath Resources Using External Applications.
For those of you looking for scalability and standardization in managing your UiPath users, you will be happy to hear that as of this release you have the option of leveraging your existing user management infrastructure in Microsoft Azure Active Directory (Azure AD) for the accounts of employees who work in your UiPath cloud platform. You will no longer have to create users twice, or manage two accounts for the same person.
Existing organizations remain on the default user management model and new organizations also start on the default model. To switch to the Azure AD model, you must set up the integration. Switching to the Azure AD model is easy and the access of your existing UiPath users is automatically shared with their directory accounts, so you can switch models with no disruption for your users.
You can assign directory users to groups as easily as before:
Known Issue
Action Center cannot see Azure AD users who haven't signed in
With the Azure AD integration active, Action Center cannot see those Azure AD users who have not singed in yet using their directory account and so you cannot assign tasks to them.
Workaround: Ask all your users to sign in one time using their directory account. Alternatively, you can continue to assign tasks to the user's UiPath account, but then organization administrators should delay the task of discontinuing UiPath account use until the issue is resolved.
As of today, we added the option to enable/disable user licensing in your Automation Cloud organization. Find the option on the Admin > Organization Settings tab in the Automation Cloud portal.
This operation has huge implications. Make sure you read and understand the compatibility considerations before making any change.
Compatibility Considerations
User-based licensing is not compatible with classic folders and is only recommended for organizations using interactive authentication. Make sure your organization is ready to employ a modern folder structure and that interactive authentication is enforced. Learn how to enforce interactive authentication. Any user license assignments made using the legacy model needs to be recreated using the new model.
When migrating from on-premises to Automation Cloud Orchestrator while in a classic folder setup, you need to make sure user licensing is turned off as this functionality is not compatible with classic folder setups.
Beginning today, UiPath Automation Cloud offers a robust licensing framework as an alternative to the previous one, allowing users to access any service from an organization based on their license, provided they have the required permissions. This removes unnecessary overhead from administrators who previously had to move licenses from one tenant to another. This makes it easier for you to manage user licenses centrally across multiple tenants.
Beginning March the 1st, newly created organizations have user licensing enabled by default. We did not remove the legacy license management model, existing organizations are not impacted in any way by this change.
Compatibility Considerations
User-based licensing is not compatible with classic folders and is only recommended for organizations using interactive authentication.
When migrating from on-premises to Automation Cloud Orchestrator while in a classic folder setup, you need to make sure user licensing is turned off as this functionality is not compatible with classic folder setups. If this is your case, you can contact us to disable the user licensing feature and start your migration to Automation Cloud in a classic setup.
Centralized Location for License Management
The new management model allows you to manage all licenses in your organization in the dedicated sections on the Licenses page.
Direct License Assignment vs License Allocation by Group Membership
- License Allocations to Users - You can directly assign licenses to users in case you want full control over a limited set of licenses or to achieve licensing granularity while keeping access control easy using groups.
- License Allocations to Groups - Group-based licensing, on the other hand, allows you to allocate one or more licenses to a user group making the pool of licenses assigned to the group available to all its members.
New Spot for Managing Robot/Service Licenses
Other UI Tweaks
Allocating licenses at the tenant level is dedicated to robot/service licenses only. To this end, user licenses have been removed from the Allocate Licenses to Tenant window.