automation-suite
2021.10
false
- Getting started
- Authentication
- Authentication methods
- External Applications (OAuth)
- ROPC Authentication
- Scopes and permissions
- Platform Management APIs
ROPC Authentication
Automation Suite API Guide
Last updated Jun 17, 2024
ROPC Authentication
Important:
We support authentication through ROPC for backwards compatibility for Orchestrator instances that have been migrated from standalone to Automation Suite deployments.
Only Host administrators should authenticate using the
/api/account/authenticate/
endpoint.
Business users should authenticate using .
The resource owner password credentials authentication method is tenant scoped, therefore external application won't be able to authenticate using this method, as an external app cannot be created at tenant level.
To retrieve the access token, make a POST request to the
BaseURL/[OrgName]/[TenantName]/api/account/authenticate
endpoint with the following payload:
{
"TenancyName": "{account_tenant_name}",
"UsernameOrEmailAddress": "{account_username}",
"Password": "{account_password}"
}
{
"TenancyName": "{account_tenant_name}",
"UsernameOrEmailAddress": "{account_username}",
"Password": "{account_password}"
}
In the above request:
{account_tenant_name}
—is the name of the tenant in your Automation Suite account{account_username}
—is the username of your Automation Suite account{account_password}
—is the password used to log in to your Automation Suite account
Tip:
To find the TenancyName value of your Orchestrator instance, make a GET request to the /odata/Users/UiPath.Server.Configuration.OData.GetCurrentUser.
The response body returns the bearer token, used by your application to authorize further API calls. Therefore, in the Authorization
header of an API call, append
Bearer xxxx
and replace xxxx
with the {access_token}
value (for example, Authorization: Bearer eyJhbG ... LnVxjA
).
{
"result": "{access_token}",
"targetUrl": null,
"success": true,
"error": null,
"unAuthorizedRequest": false,
"__abp": true
}
{
"result": "{access_token}",
"targetUrl": null,
"success": true,
"error": null,
"unAuthorizedRequest": false,
"__abp": true
}
Important:
- By default, the access token is valid for 30 minutes. To generate a new one, make another call to the
api/account/authenticate
endpoint. - If your Automation Suite organization uses the Azure Active Directory model, you must register external applications in Automation Suite and use the .