UiPath Documentation
orchestrator
latest
false
Important :
La localisation du contenu nouvellement publié peut prendre 1 à 2 semaines avant d’être disponible.

Guide de l'utilisateur d'Orchestrator

Dernière mise à jour 22 mai 2026

Authenticating with interactive login (CLI)

Interactive login is designed for developers working locally who need quick access to test MCP Servers. The client in this method is the UiPath CLI (uipath command-line tool) running on your development machine.

When you run uipath auth, the CLI opens your default browser to the UiPath Cloud login page. After you authenticate, the CLI saves the resulting Bearer token to a .env file in your current directory. You then include this token in the Authorization header of your HTTP requests to the MCP Server endpoint.

Interactive login is suitable for the following scenarios:

  • Local development and testing of MCP Servers.
  • Quick API testing with cURL, Postman, or MCP Inspector.
  • Debugging MCP tool calls with full user permissions.
  • Any scenario where a human developer is present at the terminal.

It is not suitable for unattended or automated scenarios. In this case, use an external application instead. For IDE integrations, use the MCP OAuth flow.

Prérequis

  • The UiPath CLI is installed on your development machine.
  • You have an account with the Automation User, Automation Developer, or Folder Administrator role in the folder containing the MCP Server.

Authenticate and call an MCP Server

  1. Authenticate to UiPath:

    uipath auth
uipath auth

    The CLI opens your default browser. Log in to UiPath Cloud to complete authentication. The CLI saves the resulting Bearer token to a .env file in your current directory as UIPATH_ACCESS_TOKEN.

  2. Export the token to your shell environment:

    export UIPATH_ACCESS_TOKEN=$(grep UIPATH_ACCESS_TOKEN .env | cut -d= -f2)
export UIPATH_ACCESS_TOKEN=$(grep UIPATH_ACCESS_TOKEN .env | cut -d= -f2)

  3. Call an MCP Server using the exported token:

    curl -X POST "https://cloud.uipath.com/{org}/{tenant}/agenthub_/mcp/{folderKey}/{slug}" \
  -H "Authorization: Bearer $UIPATH_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","method":"initialize","params":{"protocolVersion":"2025-06-18","capabilities":{},"clientInfo":{"name":"curl","version":"1.0"}},"id":1}'
curl -X POST "https://cloud.uipath.com/{org}/{tenant}/agenthub_/mcp/{folderKey}/{slug}" \
  -H "Authorization: Bearer $UIPATH_ACCESS_TOKEN" \
  -H "Content-Type: application/json" \
  -d '{"jsonrpc":"2.0","method":"initialize","params":{"protocolVersion":"2025-06-18","capabilities":{},"clientInfo":{"name":"curl","version":"1.0"}},"id":1}'

Résultat

The MCP Server validates the token and responds to the initialize request. You can then send subsequent MCP protocol messages with the same Authorization header on every request.

Token characteristics

  • Type: JWT
  • Audience: includes OrchestratorApiUserAccess
  • Issuer: UiPath Identity Server ({env}.uipath.com/identity_)
  • Expiry: one hour. There is no automatic refresh, re-run uipath auth to get a new token.

The token grants:

  • Access to all folders where the logged-in user has role assignments.
  • All permissions the user has in those folders (inherited from their roles).
  • Compatibility with Integration Service activities (user context is present).

Applicable MCP Server types

This authentication method works with all MCP Server types: UiPath, Coded, Command, Self-hosted, Remote, and Platform.

Cette page vous a-t-elle été utile ?

Connecter

Besoin d'aide ? Assistance

Vous souhaitez apprendre ? UiPath Academy

Vous avez des questions ? UiPath Forum

Rester à jour