Orchestrator

latest

false

- Introduction
- - Robot Statuses
  - Robot Settings
- Auto Updating Client Components
- Activities Feeds
- Time-to-live Periods
- Orchestrator Outbound IP Addresses
- Organization Modeling in Orchestrator
- Automation Best Practices
- Optimizing Unattended Infrastructure Using Machine Templates
- Organizing Resources With Tags
- Orchestrator Read-only Replica
- Exporting grids in the background
- About the Tenant Context
- Searching for Resources in a Tenant
- Audit
- - Types of Events
  - Managing Webhooks
- - Managing Your Licenses
- Settings
- Elastic Robot Orchestration
- Automation Cloud™ Robots - VM
- Automation Cloud™ Robots - Serverless
- Configuring VPN for Cloud Robots
- About the Folders Context
- Home
- About Automations
- About Processes
- Managing Processes
- Managing Package Requirements
- Recording
- - Troubleshooting live streaming and remote control
- About Jobs
- Managing Jobs
- Job States
- Working With Long-running Workflows
- Running Personal Remote Automations
- Process Data Retention Policy
- About Apps
- Publishing an App to a Tenant
- Managing Apps
- Running a Deployed App from a Folder
- Managing Non-Working Days
- - Triggering jobs on the last day of the month
- About Logs
- Managing Logs in Orchestrator
- Logging Levels
- About Monitoring
- Machines
- Processes
- Queues
- Queues SLA
- Bulk Uploading Queue Items Using a CSV File
- Managing Queues in Orchestrator
- Managing Queues in Studio
- - Editing Transactions
  - Field Descriptions for the Transactions .csv File
- Review Requests
- About Assets
- Managing Assets in Orchestrator
- Managing Assets in Studio
- Storing Assets in Azure Key Vault (read-only)
- Storing Assets in HashiCorp Vault (read-only)
- Storing Assets in AWS Secrets Manager (read Only)
- - CORS/CSP Configuration
- Managing Storage Buckets
- Test Automation
- - Field Descriptions for the Test Cases Page
- - Field Descriptions for the Test Sets Page
- - Field Descriptions for the Test Executions Page
- - Field Descriptions for the Test Schedules Page
- About Resource Catalog Service
- About Authentication
- SmartCard Authentication
- Configuring the SMTP Server
- - Example of Using Input and Output Arguments
- About Troubleshooting
- Frequently Encountered Orchestrator Errors

Home

Orchestrator

Default Roles - Automation Cloud latest

Orchestrator User Guide

Last updated Nov 30, 2023

Default Roles

This page displays the permissions included for each default role in Orchestrator.

You can view and edit the permissions for each role from the Roles page by clicking the More Actions icon on the right end of a row.

If a role cannot be edited, you have the option to duplicate and customize it as a new role instead (not available for mixed roles).

Administrator Role

A role that has all tenant- and folder-level permissions.

This is a mixed role and includes both tenant and folder permissions. With mixed roles, for a global operation, only the user's tenant permissions are taken into consideration; for a folder-specific operation, if a custom role is defined, folder permissions are applied in favor of any tenant permissions present.

It includes the following permissions, which cannot be changed.

Tenant Permissions

Folder Permissions

Robot Role

All permissions required to execute processes in classic folders.

Note: As robot accounts can write logs without the explicit assignment of the Create permission on Logs, Orchestrator skips the check on this permission.

By default, the role has the following permissions, which can be changed.

Tenant Permissions

Folder Permissions

Personal Workspace Administrator Role

This is a folder role and it includes the following permissions by default, which cannot be edited.

Standard Roles for Modern Folders

The following roles are pre-configured with the permissions for the tenant level or the folder level that are required to work in modern folders.

These roles cannot be changed, but you can duplicate and customize them as a new role if needed.

Below you can see the permissions granted for each standard role.

Orchestrator Administrator

The equivalent of the Administrator role, with tenant-level permissions granted. Assign at the tenant level to those users, if any, that are delegated the management of all tenant entities.

This is a tenant role and includes the following permissions by default, which cannot be changed.

Allow to Be Folder Administrator

A role with the minimum tenant-level permissions needed to manage their own folders and subfolders.

Accounts that have the Allow to be Folder Administrator tenant role should also have the Folder Administrator folder role assigned to them at the folder level.

This is a tenant role and includes the following permissions by default, which cannot be changed.

Folder Administrator

A user with the minimum folder-level permissions needed to manage their own folders and subfolders.

Accounts that have the Folder Administrator folder role should also have the Allow to be Folder Administrator tenant role assigned to them at the tenant level.

This is a folder role and includes the following permissions by default, which cannot be changed.

Allow to Be Automation User

A user with the minimum tenant level permissions needed to execute processes from Assistant.

Accounts that have the Allow to be Automation User tenant role should also have the Automation User folder role assigned to them at the folder level.

This is a tenant role and includes the following permissions by default, which cannot be changed.

Automation User

A user with the minimum folder level permissions needed to execute processes from Assistant.

We recommend that accounts that have the Automation User folder role also have Allow to be Automation User tenant role assigned to them at the tenant level.

This is a folder role and includes the following permissions by default, which cannot be changed.

Allow to be Automation Publisher

A user who can publish processes to Orchestrator.

This role can be assigned on top of Allow to be Automation User to allow a user to both publish and execute a process.

Accounts that have the Allow to be Automation Publisher tenant role should also have the Automation Publisher folder role assigned to them at the folder level.

This is a tenant role and includes the following permissions by default, which cannot be changed.

Automation Publisher

A user who can publish processes to Orchestrator.

This role can be assigned on top of Automation User to allow a user to both publish and execute a process.

Accounts that have the Automation Publisher folder role should also have Allow to be Automation Publisher tenant role assigned to them at the tenant level.

This is a folder role and includes the following permissions by default, which cannot be changed.

Allow to be Automation Developer

A user who creates automation projects, but does not have direct access to complex and expensive resources, such as storage buckets.

Accounts that have the Allow to be Automation Developer tenant role should also have the Automation Developer folder role assigned to them at the folder level.

This is a tenant role and includes the following permissions by default, which cannot be changed.

Automation Developer

A user who creates automation projects, but does not have direct access to complex and expensive resources, such as storage buckets.

Accounts that have the Automation Developer folder role should also have the Allow to be Automation Developer tenant role assigned to them at the tenant level.

This is a folder role and includes the following permissions by default, which cannot be changed.

Solutions Administrator

A user who can create, edit, and delete solution packages and manage solution deployments.

This is a tenant role and includes the following permissions by default, which cannot be changed.

Solutions administrator role with all options selected for the Solution deployments and Solution packages permissions

Solutions Contributor

A user who can view, edit, and create solution packages and package versions.

This is a tenant role and includes the following permissions by default, which cannot be changed.

Solutions Contributor role with the View, Edit, and Create options selected for the Solution packages permission

On this page

Administrator Role
Tenant Permissions
Folder Permissions
Robot Role
Tenant Permissions
Folder Permissions
Personal Workspace Administrator Role
Standard Roles for Modern Folders
Orchestrator Administrator
Allow to Be Folder Administrator
Folder Administrator
Allow to Be Automation User
Automation User
Allow to be Automation Publisher
Automation Publisher
Allow to be Automation Developer
Automation Developer
Solutions Administrator
Solutions Contributor

PREVIOUSManaging Roles

NEXTConfiguring Access for Accounts

Support and Services

Get The Help You Need

UiPath Academy

Learning RPA - Automation Courses

UiPath Forum

UiPath Community Forum

Trust and Security

Cookies Policy