- Organization Modeling in Orchestrator
- Managing Large Deployments
- Automation Best Practices
- Optimizing Unattended Infrastructure Using Machine Templates
- Organizing Resources With Tags
- Orchestrator Read-only Replica
- Exporting grids in the background
- About the Tenant Context
- Searching for Resources in a Tenant
- Managing Robots
- Connecting Robots to Orchestrator
- Storing Robot Credentials in CyberArk
- Storing Unattended Robot Passwords in Azure Key Vault (read-only)
- Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
- Storing Unattended Robot Credentials in AWS Secrets Manager (read Only)
- Deleting Disconnected and Unresponsive Unattended Sessions
- Robot Authentication
- Robot Authentication With Client Credentials
- Bulk Uploading Queue Items Using a CSV File
- Managing Queues in Orchestrator
- Managing Queues in Studio
- Review Requests
- Test Automation
- Host Administration Portals
- Configuring System Email Notifications
- Managing System Administrators
- Configuring Host Security
- Host Audit Logs
- Customizing the Login Page
- Maintenance Mode
- Managing tags
- Audit Logs
- Overriding System Email Settings
A credential store is a named location within a secure store, such as CyberArk, from which you can store and retrieve sensitive data such as robot credentials and credential assets when needed. Orchestrator supports the use of multiple credential stores at tenant level, and provides built-in support for Azure Key Vault, CyberArk CCP, HashiCorp Vault, Thycotic Secret Server, BeyondTrust, AWS Secrets Manager, and CyberArk. It also provides the necessary architecture to add and manage third party secure stores, if desired.
The Credentials page is split in two views: Stores and Proxies.
- The Stores page allows you to create new stores, view existing stores and their properties, and delete any current credential store. Note that the native Orchestrator Database store is automatically created, will always appear first in this list and be the Default store for all new tenants.
The Proxies page allows you to create new proxies for your own custom credential stores, view a list of existing proxies, edit, and remove them.Note: The credential stores feature must be enabled for your tenant by the Orchestrator administrator. See here for details.
Credential store plugins
Beyond the secure stores with built-in support, Orchestrator architecture supports the functionality of loading third-party or developing custom plugins, enabling you to use any desired credential store.
Loading third-party plugins
- Navigate to the
\Orchestrator\Pluginsfolder in your Orchestrator installation directory.
- Save the
.dllfiles of your plugin in this folder.
- Update the
UiPath.Orchestrator.dll.configfile with this plugin as detailed here.
- Restart your Orchestrator instance and check the logs to confirm that the plugin was loaded successfully.
- Your new credential store should now be available when creating a new credential store.
Development documentation for creating your own secure store plugins is available in the UiPath repository.
Also available there are three samples to assist in your development:
- RandomPass - a read-only store that will generate a random password;
- SQLPass - a read/write store using an external SQL database other than the Orchestrator database;
- Key Vault - the fully functional Key Vault plugin available with your Orchestrator instance.