- Getting started
- Host administration
- Organizations
- Tenants and services
- Authentication and security
- Licensing
- Accounts and roles
- External applications
- Testing in your organization
- Notifications
- Logging
- Troubleshooting
Automation Suite admin guide
Configuring host authentication settings
As a system administrator, you can choose the authentication and related default security settings for your entire installation. These settings are inherited by all organizations as default.
This article walks you through the steps for configuring global authentication and security settings. If you want to configure organization-level settings, i.e., settings that apply to one organization, refer to Organization-level authentication settings.
Global authentication settings (host level)
Automation Suite allows you to configure an external identity provider to control how your users sign in. These settings apply to all organizations.
The following table provides an overview of the different host-level external providers available:
| External Provider Integration | Authentication | Directory Search | Administrators Provisioning |
|---|---|---|---|
| Active Directory and Windows Authentication | Administrators can use SSO with Windows Authentication using the Kerberos protocol | Administrators can search for users from the Active Directory | For a user to be able to login, either the user or a group that the user is a member of should already be added to the UiPath platform. Active Directory users and groups are available in the UiPath platform through directory search. |
| Microsoft Entra ID | Administrators can use SSO with Microsoft Entra ID using the OpenID Connect protocol | Not supported | Users must be manually provisioned into the UiPath organization with an email address matching their Microsoft Entra ID account. |
| Users can use SSO with Google using the OpenID Connect protocol | Not supported | Users must be manually provisioned into the UiPath organization with an email address matching their Google account. | |
| SAML 2.0 | Users can use SSO with any Identity Provider that supports SAML | Not supported | Users must be manually provisioned into the UiPath organization with a username/email/external provider key (as configured in their external identity provider configuration) matching their SAML account. |
Differences between integrating Microsoft Entra ID at host-level and organization-level: The host-level functionality only enables SSO. The organization-level Microsoft Entra ID integration enables SSO, directory search, and automatic user provisioning.