- Getting started
- Host administration
- Organizations
- Authentication and security
- Licensing
- Accounts and roles
- External applications
- Managing external OAuth applications
- Notifications
- Logging
- Troubleshooting
Automation Suite Admin Guide
Managing external OAuth applications
As an admin, using the OAuth framework, you can delegate authorization to external applications. Once registered, these applications can make API calls to UiPath applications or resources scoped to the APIs you designate.
You can register applications as one of the following types:
- confidential applications: Applications that can safely store the application secret generated after registration; for example, web applications and service-to-service (S2S) applications.
- non-confidential applications: Applications that cannot guarantee the safe storage of the application secret and therefore one is not created; for example, desktop or native mobile applications.
The application type defines the authorization grant type that is allowed for authorizing the application. Confidential applications are scoped to user-level and/or application-scoped APIs. Non-confidential applications can only send requests for user scope, meaning that a user must log in to authorize the request for the application.
When registering the external application, you give it access to one or several UiPath resources through the API of a UiPath application.
The following APIs are available:
There are three steps to getting an external application access your UiPath resources over OAuth:
Step |
Who |
What |
Details |
---|---|---|---|
1 |
Organization administrator |
Register an external application in Automation Suite | |
2 |
Organization administrator |
Provide the application registration details to the developer | |
2 |
Developer |
Set up the external application to use the appropriate grant type to access your UiPath resources |
To register an external application so that it can use OAuth to access the UiPath resources within your organization:
Scopes are the permissions of the external application in relation to your UiPath resources.
If you don't know the application secret that was generated for an external application, you cannot recover it. But you can generate a new one.
To generate a new app secret:
After you register an external application, a developer must also set up the external application so that it properly authenticates, requests authorization from UiPath Identity Server, and then access the allowed UiPath resources.
To be able to perform those tasks, you must share the following information with them:
- the Application Type and Application ID, both of which are visible on the Admin > External Applications page
- the scopes added for each scope type. For some resources, the same name is used under both user and application scopes, so the type is also important.
-
if this is a confidential application, the application secret generated when you registered the external application.
Note: If you don't have the secret anymore, generate a new one as described above.
For more details on how to authenticate and authorize external apps as a developer, see External Apps in the API guide.