orchestrator

latest

false

Getting started
- Introduction
- Licensing
- Robots
  - Robot Statuses
  - Robot Settings
- Auto Updating Client Components
- Time-to-live Periods
- Orchestrator Outbound IP Addresses
- Notifications
Best practices
- Organization Modeling in Orchestrator
- Automation Best Practices
- Optimizing Unattended Infrastructure Using Machine Templates
- Unattended automation
- Organizing Resources With Tags
- Orchestrator Read-only Replica
- Exporting grids in the background
Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Robots
- Folders
- Monitoring
- Access control
- Configuring automation capabilities
- Machines
- Solutions
- Packages
- Audit
- Credential Stores
  - Integrating credential stores
  - Managing credential stores
  - The Orchestrator Credentials Proxy
  - Managing credential proxies
- Webhooks
  - Types of Events
  - Managing Webhooks
- Licensing
  - Managing Your Licenses
- Settings
Cloud robots
- Unified Pricing licensing
  - Consuming platform units
  - Platform units calculus example
- Flex licensing
- Elastic Robot Orchestration
- Automation Cloud™ Robots - VM
- Automation Cloud™ Robots - Serverless
- Configuring VPN for cloud robots
- Configuring an ExpressRoute connection
- Live streaming and remote control
- My notifications
Folders Context
- About the Folders Context
- Home
Automations
- About Automations
Processes
- About Processes
- Managing Processes
- Managing Package Requirements
- Recording
- Live streaming and remote control
  - Live streaming and remote control via RealVNC
    - Error scenarios
  - Live streaming and remote control via TightVNC
    - Error scenarios
Jobs
- About Jobs
- Managing Jobs
- Job States
- Working with long-running workflows
- Running Personal Remote Automations
- Process Data Retention Policy
Apps
- About Apps
- Publishing an App to a Tenant
- Managing Apps
- Running a Deployed App from a Folder
Triggers
- About triggers
- Managing triggers
- Managing Non-Working Days
- Using Cron Expressions
  - Triggering jobs on the last day of the month
Logs
- About Logs
- Managing Logs in Orchestrator
- Logging Levels
Monitoring
- About Monitoring
- Machines
- Agents
- Processes
- Queues
- Indexes
- Queues SLA
Queues
- About Queues and Transactions
- Bulk uploading Queue Items using a CSV file
- Managing Queues in Orchestrator
- Managing Queues in Studio
- Managing Transactions
  - Editing Transactions
  - Field Descriptions for the Transactions .csv File
- Review Requests
Assets
- About Assets
- Managing Assets in Orchestrator
- Managing Assets in Studio
- Storing Assets in Azure Key Vault (read only)
- Storing Assets in HashiCorp Vault (read only)
- Storing Assets in AWS Secrets Manager (read only)
Business Rules
- About Business Rules
  - Permissions for Business Rules
- Managing Business Rules
  - Creating a business rule
Storage Buckets
- About Storage Buckets
  - CORS/CSP Configuration
- Managing Storage Buckets
Indexes
- About indexes
- Managing indexes
Orchestrator testing
- FAQ - Deprecating the testing module
- Test Automation
- Test Cases
  - Field Descriptions for the Test Cases Page
- Test Sets
  - Field Descriptions for the Test Sets Page
- Test Executions
  - Field Descriptions for the Test Executions Page
- Test Schedules
  - Field Descriptions for the Test Schedules Page
- Test Data Queues
- Testing Data Retention Policy
Resource Catalog Service
- About Resource Catalog Service
Integrations
- About Input and Output Arguments
  - Example of Using Input and Output Arguments
Troubleshooting
- About Troubleshooting
- Alerts troubleshooting
- General troubleshooting
- Frequently Encountered Orchestrator Errors

Orchestrator user guide

DELIVERY:

Last updated May 22, 2025

Managing credential proxies

You can create and manage proxies for your own custom credential stores, allowing you to individually control the safety of your credentials.

Proxy types

You can choose between these two types:

Connected proxy (Managed by Orchestrator) - when a robot requests credentials, Orchestrator retrieves them from the proxy and passes them on to the robot.
Disconnected proxy (Managed by the proxy service) - when a robot requests credentials, they are retrieved directly from the proxy, without having to go through Orchestrator. This type is only compatible with Robots version 23.10+.
Important:
- The disconnected credentials proxy is only available if you are on the Enterprise - Advanced licensing plan.
- If you want to retrieve disconnected proxy credentials, you need to use the following minimum versions: 2.0.1 for the proxy, and 24.3 for the System Activities pack.

Creating a credentials proxy

Once you have installed the Orchestrator Credentials Proxy, you can create a custom proxy, which holds your custom credential stores.

Screenshot of the two pages corresponding to the creation of each proxy type

To do that, follow the steps below:

At the tenant level, click Credentials > Proxies > Add Credentials Proxy. The Add Credentials Proxy window is displayed.
Choose either Connected proxy (Managed by Orchestrator) or Disconnected proxy (Managed by the proxy service).
Add a name for your proxy.
Add the URL pertaining to the virtual machine included in the Orchestrator Credentials Proxy setup.
Add the key.

For the connected proxy, depending on the installation method, this is either the secret key generated by the .msi installer, or the one held by the Jwt:Keys parameter.

For the disconnected proxy, this must be a key that already exists in one of the disconnected proxy's local configuration files.

The information you provide at steps 4 and 5 create the link between Orchestrator and the installation which contains your custom credential store plugins.
Click Create.

You can then add the desired store as follows:
At the tenant level, click Credentials > Stores > Add credential store.
From the Proxy list, select the proxy that you have just created.
From the Type list, select the third party credential store defined by your plugin.

Editing a credentials proxy

To edit a proxy, click More Actions > Edit. The Edit Credentials Proxy page is displayed, allowing you to change the name, URL, or key as needed.

Deleting a credentials proxy

To delete a proxy, click More Actions > Remove. If the selected proxy is in use, a warning dialog is displayed, listing the number of robots and assets that will be affected. Click Yes to confirm the removal or No to abort.

On this page

Proxy types
Creating a credentials proxy
Editing a credentials proxy
Deleting a credentials proxy

Was this page helpful?

PREVIOUSThe Orchestrator Credentials Proxy

NEXTWebhooks

Support and Services

Get The Help You Need

Learning RPA - Automation Courses

UiPath Community Forum

Trust and Security

© 2005-2025 UiPath. All rights reserved.