In addition to basic authentication credentials, the Robot can be authenticated using SmartCards (Common Access Cards or Personal Identity Verification cards).
In this regard, the
Features.SmartCardAuthentication.Enabled parameter has been added to the
web.config file. The following values are available:
True- Displays the The password represents a SmartCard Pin check box on the Create a New Standard Robot and Create a New Floating Robot windows, thus giving you the possibility to authenticate your Robots using the SmartCard Pin.
False- No SmartCard-pertaining option is available. This is the default value.
This feature only works if the Login to Console option on the Settings tab is set to True.
SmartCard authentication is compatible with Unattended, Development and NonProduction Robots. However, since no password is needed for Attended Robots, neither is SmartCard authentication.
Both virtual and physical cards can be used for authentication, as long as they are part of a single Active Directory domain. The corresponding user must belong to the same domain.
Virtual card authentication is only possible on Windows 8.1 and above.
A SmartCard has a unique Pin. Multiple users can be registered to a card, in which case all users have the same Pin. A user can also be registered to multiple cards, in which case multiple Pin numbers are used for the same user.
Please note that the SmartCard needs to be inserted with every authentication. As long as the SmartCard is inserted, the associated Robot is available on the corresponding machine.
Simultaneous process execution with Robots registered with the same username but different authentication methods is NOT supported.
It is highly recommended to consult your company’s password policy before using the SmartCard authentication method. Credentials for a Robot which authenticates with a SmartCard may be stored in either the SQL Server or CyberArk. Find out more about storing Robot credentials in CyberArk here.