UiPath Documentation
automation-cloud
latest
false

Automation Cloud-API-Handbuch

Letzte Aktualisierung 15. Mai 2026

Getting started with External APIs

This page shows you how to make your first authenticated API call to UiPath. It uses the client credentials flow with a confidential external application — the recommended starting point for production scripts, administrative automation, and integration work.

Hinweis:

Choosing the right tool

The UiPath Swagger documentation lets you explore available API endpoints and understand request and response formats interactively in a browser. Use Swagger for discovery and manual testing only. For production automation, scripting, and integration, use Postman, cURL, or your application code — these support the full OAuth 2.0 bearer token flow required to authorize requests to UiPath APIs.

Voraussetzungen

  • A UiPath organization administrator has registered a confidential external application with the Client Credentials grant type and assigned the required scopes to it.
  • You have the App ID and App Secret for the registered application.

For information about registering external applications and choosing the right grant type, see External Applications (OAuth).

Step 1: Get a bearer token

Send a POST request to the Identity Server token endpoint to receive a bearer token.

curl -X POST "https://cloud.uipath.com/{organizationName}/identity_/connect/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials&client_id={app_id}&client_secret={app_secret}&scope={scopes}"
curl -X POST "https://cloud.uipath.com/{organizationName}/identity_/connect/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials&client_id={app_id}&client_secret={app_secret}&scope={scopes}"

Replace the following placeholders:

PlatzhalterWert
{organizationName}Your organization name as it appears in the Automation Cloud URL
{app_id}The App ID from your external application registration
{app_secret}The App Secret from your external application registration
{scopes}Space-separated list of scopes granted to the application, for example: OR.Users.View PM.Users

The response returns a bearer token:

{
    "access_token": "{access_token}",
    "expires_in": 3600,
    "token_type": "Bearer",
    "scope": "{scopes}"
}
{
    "access_token": "{access_token}",
    "expires_in": 3600,
    "token_type": "Bearer",
    "scope": "{scopes}"
}

Copy the access_token value. The token is valid for one hour.

Hinweis:

If you are using Postman or a similar tool, set the request content type to application/x-www-form-urlencoded.

Step 2: Call an API endpoint

Include the bearer token in the Authorization header of your API request.

The following example retrieves a list of machines from Orchestrator:

curl -X GET "https://cloud.uipath.com/{organizationName}/{tenantName}/orchestrator_/odata/Machines" \
  -H "Authorization: Bearer {access_token}" \
  -H "accept: application/json"
curl -X GET "https://cloud.uipath.com/{organizationName}/{tenantName}/orchestrator_/odata/Machines" \
  -H "Authorization: Bearer {access_token}" \
  -H "accept: application/json"

Replace {tenantName} with the name of your Orchestrator tenant and {access_token} with the token from Step 1.

Ergebnis

A successful request returns HTTP 200 with the requested data in JSON format.

If the request fails, verify the following:

  • The token has not expired. Tokens expire after one hour — repeat Step 1 to request a new token.
  • The Authorization header value is formatted exactly as Bearer {access_token}.
  • The scopes granted to your external application cover the requested endpoint. To find the scope values for a specific endpoint, check that endpoint's documentation page in this guide, specifically under the Platform Management APIs chapter.

Nächste Schritte

War diese Seite hilfreich?

Verbinden

Benötigen Sie Hilfe? Support

Möchten Sie lernen? UiPath Academy

Haben Sie Fragen? UiPath-Forum

Auf dem neuesten Stand bleiben