- Getting started
- Best practices
- Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- SmartCard Authentication
- Audit
- Resource Catalog Service
- Folders Context
- Automations
- Processes
- Jobs
- Triggers
- Logs
- Monitoring
- Queues
- Assets
- Storage Buckets
- Test Suite - Orchestrator
- Other Configurations
- Integrations
- Classic Robots
- Host administration
- Organization administration
- About organizations
- Managing organization administrators
- Managing organization settings
- Managing external OAuth applications
- Overriding system email settings
- Audit logs
- Troubleshooting
Orchestrator User Guide
Managing external OAuth applications
As an admin, using the OAuth framework, you can delegate authorization to external applications. Once registered, these applications can make API calls to UiPath applications or resources scoped to the APIs you designate.
To register an external application so that it can use OAuth to access your UiPath resources:
Scopes are the permissions of the external application in relation to a UiPath resource.
If you don't know the application secret that was generated for a confidential external application, you cannot recover it. But you can generate a new one.
To generate a new app secret:
After you register an external application, a developer must also set up the external application so that it properly authenticates, requests authorization from UiPath Identity Server, and then accesses the allowed UiPath resources.
Instructions for the developers maintaining the integration with the external application are available in Accessing UiPath Resources Using External Applications.
For developers to be able to perform those tasks, you must share the following information with them:
- the Application Type and Application ID, both of which are visible on the External Applications page
- the scopes added for each scope type; for some resources, the same name is used under both user and application scopes, so the type is also important
-
if this is a confidential application, the application secret generated when you registered the external application.
Note: If you don't have the secret anymore, generate a new one, as described above on this page.