- Getting started
- Best practices
- Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- SmartCard Authentication
- Audit
- Resource Catalog Service
- Folders Context
- Automations
- Processes
- Jobs
- Triggers
- Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Test Suite - Orchestrator
- Other Configurations
- Integrations
- Classic Robots
- Host administration
- Organization administration
- Troubleshooting
Orchestrator User Guide
Configuring host authentication settings
As a system administrator, you can choose the authentication and related default security settings for your entire installation. These settings are inherited by all organizations as default.
This article walks you through the steps for configuring global authentication and security settings. If you want to configure organization-level settings, i.e., settings that apply to one organization, see documentation on organization-level authentication settings.
See an .
The platform allows you to configure an external identity provider to control how your users sign in. Settings here apply to all organizations.
The instructions indicated in the following table are for a new installation or if you are configuring one of the external providers for the first time.
If you upgraded and were already using one or more of the external providers listed below, the configuration is migrated, but you might need to perform some reconfiguration tasks. If so, follow the instructions in Reconfiguring authentication after upgrade instead.
External Provider Integration |
Authentication |
Directory Search |
Administrators Provisioning |
---|---|---|---|
Administrators can use SSO with Windows Authentication using the Kerberos protocol |
Administrators can search for users from the Active Directory |
For a user to be able to login, either the user or a group that the user is a member of should already be added to the UiPath platform. Active Directory users and groups are available in the UiPath platform through directory search. | |
Administrators can use SSO with Azure AD using the OpenID Connect protocol |
Not supported |
Users must be manually provisioned into the UiPath organization with an email address matching their Azure AD account. | |
Users can use SSO with Google using the OpenID Connect protocol |
Not supported |
Users must be manually provisioned into the UiPath organization with an email address matching their Google account. | |
Users can use SSO with any Identity Provider that supports SAML |
Not supported |
Users must be manually provisioned into the UiPath organization with a username/email/external provider key (as configured in their external identity provider configuration) matching their SAML account. |