Subscribe

UiPath Studio

The UiPath Studio Guide

Governance

About Governance

To ensure Studio users adhere to development standards and comply with certain rules, organizations can enforce governance policies that control Studio functionalities.

You can enforce governance policies in one of the following ways:

  • Create and deploy policies from UiPath Automation Ops, an easy-to-use web application available in Automation Cloud.
  • Use a file-based governance model that consists of creating a JSON policy file and deploying the file locally, externally, or via Orchestrator.

This page documents the file-based governance model. For information on how to deploy policies from Automation Cloud, see the Automation Ops Guide.

The current capabilities are:

Watch the following video for an overview of the governance capabilities available in Studio and a demo of how to use them in StudioX.

To enforce a governance policy, start by generating a governance file from Studio, then configure the file using the parameters it contains, and apply the policy in one of the following ways:

  • Using a local file (for testing purposes) - Place the governance file in the Roaming folder on the machine where Studio is installed.
  • Using an external file (for large deployments) - Place the governance file at a path (for example, an HTTP/HTTPS server) referenced by either a registry key or an asset in Orchestrator.
  • Using an asset in Orchestrator - Copy the contents of the governance file to an asset in Orchestrator.

Generate the Governance File

The first step in enforcing development standards in your organization is to generate a governance file from Studio or manually create a similar file that would incorporate all or part of the capabilities we listed above.

🚧

Important!

The governance file must be of type .config with the following name uipath.policies.config.

To generate a governance file with your current configuration from Studio, go to the Backstage view > Help tab, and select Generate Governance File. The exported file can be shared across your team.

📘

Note:

If Studio is connected to a Cloud Orchestrator, you are prompted to select whether to generate a Classic or a Modern policy. Select the classic option for the file-based governance model. The modern option generates policies that you can then import in Automation Ops for an easy migration to that model.

Use the button below to download the sample that includes all Workflow Analyzer rules. Modify the sample to fit your organization's needs.

Configure the Governance File

File Version and File Label

Governance files may have different versions and a custom name.

{
    "Metadata": {
        "Version": "1.0"
                "LastUpdatedUtc": "2021-08-25T07:49:26.3089368Z",
                "Availability": null
    },
    "Info": {
        "Name": "Sample Policy Registry Key"
    }
}

Parameters

Values

"Metadata" > "Version"

major.minor between quotation marks ""

"Info" > "Name"

Label written between quotation marks "", visible in Home > Help, under Company Policy.

Studio Profiles

The governance file may contain policies for Studio and StudioX users, however, these must be structured per profile. Policies for Studio must be separated from those for StudioX as in the example below:

{
    "Profiles": {
        "Development": {
            "Shell": {
                "IsFeedbackEnabled": true,
                "HideGettingStartedScreen": false
            },
            "PackageManager": {},
            "Analyzer": {}
        },
        "Business": {
            "Shell": {
                "IsFeedbackEnabled": true,
                "HideGettingStartedScreen": false
            },
            "PackageManager": {},
            "Analyzer": {}
        }
    }
}

Parameters

Values

"Profiles"

For Studio: Development
For StudioX: Business
No longer in use For Studio Pro: StudioPro
You can add both profiles in the same file.

Settings Users Cannot Configure from Studio

The parameters under "Shell" enable you to prevent production runs from StudioX by setting a limit for the number of runs a user can perform for a project without any changes.

In addition, you can configure whether the feedback form and welcome screen are available to users.

{
      "Shell": {
        "IsFeedbackEnabled": true,
        "HideGettingStartedScreen": false,
        "RequireUserPublish": {
          "PermittedConsecutiveRuns": 3,
          "DialogMessage": null,
          "LogToQueue": {
            "QueueName": "NameOfQueue",
            "QueueFolder": "NameOfQueueFolder"
          }
        }
      }
}

Studio Setting

Parameters

Values

Enables or disables the Send feedback form that can be accessed from the Studio title bar.

"IsFeedbackEnabled"

Either true or false.

Enables or disables the welcome screen with links to the UiPath Academy, an introduction video, and tutorials that is displayed when users open Studio

"HideGettingStartedScreen"

Either true or false.

The parameters under "RequireUserPublish" enable you to limit the number of consecutive runs that can be triggered from Studio for a project that has no changes, and to configure logging settings for events where the limit is exceeded.

This can be used to prevent users from triggering production runs from Studio. As a best practice, projects that are ready for production should be published to Orchestrator and executed from the Assistant.

"RequireUserPublish" 1

N/A

Maximum number of consecutive times a project without changes can be run from Studio.

"PermittedConsecutiveRuns"

Enter the allowed number of times. If the value is null or a negative number, no limit is set.

Message to display to the user in a dialog box when the allowed number of consecutive executions is exceeded. The dialog box prompts the user to either publish the project or cancel the execution.

"DialogMessage"

Enter a custom message to display between quotation marks "". If the value is null, the following message is used: It appears you are performing production runs directly from your project. Your organization requires you to publish your project to Orchestrator and run from your Assistant.

The parameters under "LogToQueue" give you the option to configure an Orchestrator queue where to log events. The following information is logged for each event: username, project name, hash of the main XAML file, and timestamp from the local machine.

"LogToQueue"

N/A

Orchestrator queue in which to save the records.

"QueueName"

Enter the name of the queue between quotation marks "". If the value is null, no records are saved.

Orchestrator folder containing the queue in which to save the records.

"QueueFolder"

Enter the name of the Orchestrator folder between quotation marks "". If the value is null, no records are saved.

1 - Changes take effect only in the StudioX profile.

Usage of Package Sources

You can restrict accessing, adding, or removing package sources per Studio or StudioX using the governance file.

{
    "PackageManager": {
        "AllowAddRemoveFeeds": false,
        "AllowEnableDisableFeeds": false,
        "AllowOrchestratorFeeds": true,
        "Feeds": [{
                "Name": "Organization Internal Feed",
                "Source": "https://[company].pkgs.visualstudio.com/_packaging/nuget-packages/nuget/v3/index.json",
                "IsEnabled": true
            },
            {
                "Name": "Official",
                "Source": "https://packages.uipath.com/activities",
                "IsEnabled": true
            }
        ]
    }
}

Parameters

Values

"Package Manager"

"AllowAddRemoveFeeds"

Either true or false.

"AllowEnableDisableFeeds"

Either true or false.

"AllowOrchestratorFeeds"

Either true or false.

"Feeds"

"Name"

Label written between quotation marks "", visible in Manage Packages.

"Source"

Feed source written between quotation marks ", visible in Manage Packages.

"IsEnabled"

Either true or false.

If the "AllowAddRemoveFeeds" and "AllowEnableDisableFeeds" parameters are set to true, the user may modify feeds available in the Package Manager. If any changes are made, they are persisted when Studio is restarted.

If the "AllowOrchestratorFeeds" parameter is set to true and the Robot is Connected to Orchestrator, users cannot disable the default Orchestrator feeds.

Feeds that are defined in the governance file are added to the Default package sources section in the Manage Packages window and the user can add the custom feeds (if provided with the required rights in the governance file) to the User defined package sources section.

Please note that the path to the Local feed for per-user installations is C:\Users\CurrentUser\AppData\Local\Programs\UiPath\Studio\Packages.

Activities Panel Settings (StudioX only)

The settings under ActivitiesManager enable you to hide specific activities and enforce the use of the Show Developer filter in StudioX.

"ActivitiesManager": {
        "AllowShowDeveloper": false,
        "HiddenActivities": ["UiPath.Mail.Activities.Business.GmailApplicationCard","UiPath.Mail.Activities.Business.OutlookApplicationCard"]

}

Setting

Parameters

Value

Allows users to select the Show Developer filter in the activities panel in StudioX. If set to False, the option becomes unavailable.

"AllowShowDeveloper"

Either true or false.

A list of activities to be hidden from the activities panel.

"HiddenActivities"

Enter activity names in the array, separated by commas.

In the example below, the Use Gmail and Use Desktop Outlook App activities have been hidden.

"HiddenActivities": ["UiPath.Mail.Activities.Business.GmailApplicationCard",
"UiPath.Mail.Activities.Business.OutlookApplicationCard"]

Source Control Settings

The settings under "SourceControl" enable you to enforce the use of allowed repositories when working with GIT, and committing changes before publishing.

{
      "SourceControl": {
        "CheckInBeforePublishParam": {
          "AllowEdit": false,
          "Value": false
        },
       "RepositoriesConfigParam": {
          "AllowEdit": true,
          "Value": {
            "AllowSaveLocal": null,
            "AllowEditRepositories": null,
            "Repositories": [
              {
                "SourceControlType": 0,
                "Name": null,
                "Url": null,
                "DefaultFolder": null
              }
            ]
          }
       
}

The "AllowEdit" parameter indicates whether or not users are allowed to change the default setting configured by the governance file.

Studio Setting

Parameters

Value

Enforce Check-In before Publish
Note: This setting is available in Home > Settings > Design.

"CheckInBeforePublishParam"

Either true or false.

The parameters under RepositoriesConfigParam enable you to govern the use of source control repositories. This applies only for GIT.

"RepositoriesConfigParam"

N/A

Allow users to save projects locally on their machine.

"AllowSaveLocal" 1

Either true or false. If the value is null, the parameter is interpreted as true.

When set to false, users can't select This PC as the location when creating a new project in StudioX and will save the project to a repository.

Allow users to add and edit repositories.

"AllowEditRepositories"

Either true or false. If the value is null, the parameter is interpreted as true.

If set to false:
In StudioX backstage view, the options in Home > Team are read only and users are not able to add, edit or remove a repository.
In Studio, users can add repository URLs in the Clone a remote GIT repository window, but each URL is checked against the list of allowed repositories.

A list of allowed GIT repositories. This parameter accepts a JSON array of repositories.

"Repositories"

Note: A repository that is already checked out locally by a user is allowed for both profiles even if it is on the allowed list for only one of them.

Enter repositories in the array by adding the Name, Url, and optionally DefaultFolder (the default folder of the repository).

Example of a repository:
"Name": "%username%'s Repo",
"Url": "https://github.com/uipath/%username%",
"DefaultFolder": null

Adding a base URL (e.g. https://github.com/MyOrg/) allows the use of repositories with child URLs (e.g. https://github.com/MyOrg/RPA).
Any strings placed between % in the name and URL parameters are interpreted as environment variables on the user machines.
All spaces in the URL parameter are replaced with hypens (-).

1 - Changes take effect only in the StudioX profile.

Studio Settings

The following parameters enable you to configure settings found in Home (Studio Backstage View) > Settings. For more information, see Configuring Studio Settings.

{
      "Workflow": {
        "DefaultProjectLanguageParam": {
          "Value": VisualBasic,
          "AllowEdit": false
        },
        "DefaultProjectFrameworkParam": {
          "Value": "Classic",
          "AllowEdit": true
        },          
        "AllowedProjectFrameworks": {
          "Classic": true,
          "Modern": true,
          "CrossPlatform": true
        },
        "DockedAnnotationsParam": {
          "AllowEdit": false,
          "Value": true
        },
        "IsCollapsedViewSlimParam": {
          "AllowEdit": false,
          "Value": false
        },
        "UseSmartFilePathsParam": {
          "AllowEdit": true,
          "Value": true
        },
        "EnableLineNumberingParam": {
          "AllowEdit": true,
          "Value": true
        },
        "EnableActivityOnlineRecommendationsParam": {
          "AllowEdit": true,
          "Value": true
        },
        "EnforceReleaseNotes": null,
        "AnalyzeOnPublishParam": {
          "AllowEdit": false,
          "Value": false
        },
        "AnalyzeOnRunParam": {
          "AllowEdit": false,
          "Value": false
        },
        "AnalyzeRpaXamlsOnlyParam": {
          "AllowEdit": false,
          "Value": false
        },
        "AdditionalAnalyzerRulePathParam": {
          "AllowEdit": false,
          "Value": null
        },
        "DefaultProjectFolderParam": {
          "AllowEdit": false,
          "Value": null
        },
        "DefaultProcessPublishUrlParam": {
          "AllowEdit": false,
          "Value": null
        },
        "DefaultLibraryPublishUrlParam": {
          "AllowEdit": false,
          "Value": null
        },
        "DefaultTemplatePublishUrlParam": {
          "AllowEdit": false,
          "Value": "C:\\Users\\username\\Documents\\UiPath\\.templates"
        },
        "ModernBehaviorParam": {
          "AllowEdit": false,
          "Value": false
        },
        "ObjectRepositoryEnforcedParam": {
          "AllowEdit": false,
          "Value": false
        },
        "UseConnectionServiceParam": {
          "AllowEdit": true,
          "Value": false
        }
      },
}

Two parameters are available for most options:

  • "AllowEdit" - Indicate whether or not users are allowed to change the default setting configured by the governance file (true to allow, false to deny).
  • "Value" - Indicate the default setting, as described in the following tables.

Under "Workflow":

Studio Setting

Parameters

Value

Use C# Language

"DefaultProjectLanguageParam" 1

CSharp
If "AllowEdit" is false - Allow only C#.
If "AllowEdit" is true - Set the default language to C# and allow users to change the default language.
VisualBasic
If "AllowEdit" is false - Allow only VB.
If "AllowEdit" is true - Set the default language to VB and allow users to change the default language.

Create docked annotations

"DockedAnnotationsParam"

Either true or false.

Default project target framework

"DefaultProjectFrameworkParam" 1

"Classic"
If "AllowEdit" is false - Allow only Windows - Legacy (.NET Framework 4.6.1).
If "AllowEdit" is true - Set the default target to Windows - Legacy and allow users to change the target framework.
"Modern"
If "AllowEdit" is false - Allow only Windows (.NET 5.0).
If "AllowEdit" is true - Set the default target to Windows (.NET 5.0) and allow users to change the target framework.
"Cross-platform"
If "AllowEdit" is false - Allow only Cross-platform (.NET 5.0).
If "AllowEdit" is true - Set the default target to Cross-platform (.NET 5.0). and allow users to change the target framework.

The parameters under "AllowedProjectFrameworks" determine the target frameworks allowed when creating or opening a project in the Studio profile. To enable a framework, set its parameter to true.
Note: This setting cannot be configured from the Studio UI

"AllowedProjectFrameworks" 1

Either true or false. for each of the following:
"Classic" (Windows - Legacy, .NET Framework 4.6.1)
"Modern" (Windows, .NET 5)
"Cross-platform" (Cross-platform, .NET 5)

Use Smart File Paths

"UseSmartFilePathsParam" 2

Either true or false.

Enable line numbering

"EnableLineNumberingParam" 2

Either true or false.

Enable AI activity suggestions

"EnableActivityOnlineRecommendationsParam"

Either true or false.

Make the Release Notes field in the Publish wizard mandatory
Note: This setting cannot be configured from the Studio UI.

"EnforceReleaseNotes"

Either true or false.

Slim View for Collapsed Activities

"IsCollapsedViewSlimParam"

Either true or false.

Enforce Analyzer before Publish

"AnalyzeOnPublishParam"

Either true or false.

Enforce Analyzer before Run

"AnalyzeOnRunParam"

Either true or false.

Analyze RPA XAML Files Only

"AnalyzeRpaXamlsOnlyParam"

Either true or false.

Workflow Analyzer Rules Location

"AdditionalAnalyzerRulePathParam"

null - Use the default location.
To change the location, enter the path to the folder where custom rules are stored between quotation marks.

Project Path

DefaultProjectFolderParam

null - Use the default location.
To change the location, enter the path to the folder where custom rules are stored between quotation marks.

Publish Process URL

"DefaultProcessPublishUrlParam"

null - Use the default location.
To change the location, enter the path between quotation marks.

Publish Library URL

"DefaultLibraryPublishUrlParam"

null - Use the default location.
To change the location, enter the path between quotation marks.

Publish Project Templates URL

"DefaultTemplatePublishUrlParam"

To change the location, enter the path between quotation marks.

Use Modern for new projects

"ModernBehaviorParam"

Either true or false.

Object Repository enforced

"ObjectRepositoryEnforcedParam"

Either true or false.

Default to managed connections

"UseConnectionServiceParam"

Either true or false.

1 - Changes take effect only in the Studio profile.
2 - Changes take effect only in the StudioX profile.

Under "ObjectBrowser":

Studio Setting

Parameters

Value

Send anonymous UI Descriptors

"SendUiDescriptors"

Either true or false

Send Studio Usage Data to Your Organization

The parameters under "Telemetry" allow you to enable sending Studio usage data to an Application Insights resource in your Azure portal. This data allows you to monitor and analyze what users are doing in Studio. To enable this feature, enter the instrumentation key of your Application Insights instance in the "instrumentation-keys" parameter.

{
       "Telemetry": {
        "TelemetryOptions": {
          "TelemetryOptionsDictonary": {
            "instrumentation-keys": ""
        }
      }
   }
}

See the following table for information about the telemetry data that is sent to Application Insights.

Action

Event Name

Data Collected

Studio is started

StudioStarted

Windows user ID
Session ID

Studio is closed

StudioClosed

Windows user ID
Session ID
Session duration

Project is opened

OpenProject

Windows user ID
Session ID
Project name

Project is created

NewProject

Windows user ID
Session ID
Project name

Project is run / File is run

StartDebug

Windows user ID
Session ID
Project name

Run to this Activity is executed

Designer_RunTo

Windows user ID
Session ID
Project name

Project is published

PublishProject

Windows user ID
Session ID
Project name
Orchestrator URL
Folder name
Publish location (feed)

Activity package is installed

PackageAdded

Windows user ID
Session ID
Package name
Package version
Project name

Activity is added to a project

S.Activities.ActivityAdded

Windows user ID
Session ID
Activity name
Package name
Package version

Target is indicated in UI Automation activity

S.Activities.PropertyChanged

Windows user ID
Session ID

Workflow Analyzer Rules

The Workflow Analyzer is the tool for verifying if projects meet development standards. Using the governance file, organizations can enforce custom rules pertaining to their needs across all projects, in a centralized manner.

Remarks

  • The custom ruleset can be defined beforehand in a separate file of type .json, and delivered through a dll external assembly or custom activity pack. Read more about Building Custom Rules for Workflow Analyzer.
  • The governance file can't deliver credentials, which means secure feeds aren't supported.
  • If a custom ruleset is enforced, then users cannot make any changes to Workflow Analyzer rules.
  • If a custom ruleset was not referenced or embedded in the governance file, the Workflow Analyzer default rules are used. If the "Analyzer" section is not mentioned, governance for Workflow Analyzer is not enforced. If the section is mentioned, even if it's empty, then the management of rules is disabled in Studio.
  • When enforcing governance, rules built-in Studio or UiPath activity packages are disabled by default unless otherwise mentioned in the governance file or custom ruleset.

Enforcing Rules

There are two ways to manage the custom ruleset in the uipath.policies.config governance file:

  1. Point to the ruleset located at one of the following paths:
  • on the local machine;
  • shared on a network server or machine, identifiable by the UNC path;
  • in shared blob storage, identifiable via the http(s) path.
  1. Embed the custom ruleset by enabling or disabling rules, mentioning their IDs, parameters, error levels.

All custom rules must be referenced or added in the "Analyzer" section. Rules and counters must be split into their own sections, as illustrated below:

{
    "Analyzer": {
    "AllowEdit": false,
        "ReferencedRulesConfigFile": null,
        "EmbeddedRulesConfig": {
            "Rules": [
        {
                    "Id": "ST-NMG-001",
                    "IsEnabled": false,
                    "Parameters": [{
                        "Name": "Regex",
                        "Value": null
                    }],
                    "ErrorLevel": "Error"
                }
            ],
            "Counters": [{
                "Id": "ST-ANA-009",
                "IsEnabled": true,
                "Parameters": []
            }]
        }
    }
}

Parameters/Sections

Values

"AllowEdit"

If set to true, governance settings are passed as defaults allowing the user to make changes to rules.
If set to false, no changes can be made to any rules.
If the parameter is not added, by default, users are restricted from editing rules.

"ReferencedRulesConfigFile"

Path to .json ruleset
Use null to enforce rules from "EmbeddedRulesConfig"

"EmbeddedRulesConfig"

Holds "Rules" and "Counters"

"Id"

Rule ID, ex. ST-NMG-001

"IsEnabled"

Either true or false

"Parameters"

Holds the rule parameter's **Name** and **Value**
Use [] if the rule doesn't have parameters.

"Name"

The parameter's name written between quotation marks.

"Value"

The parameter's value written between quotation marks
Can be null

"ErrorLevel"

Either Error, Warning, Info or Verbose.

"Counters"

Holds parameters for counters: "Id", "IsEnabled", "Parameters" 1.

1 - Since counters don't have parameters, use [].

If the "AllowEdit" parameter is set to true, the user may modify rules available in the Workflow Analyzer settings window. If any changes are made, they are persisted when Studio is restarted.

Enforce the Governance Policy

Using a Local File

If stored locally, the governance file must be located at the following path: %AppData%\UiPath.

Using an External File

If stored externally, the path to the policy file must be defined using the Windows Registry or an Orchestrator asset:

To define the file path using the Windows Registry:

  1. Open Registry Editor on the machine where Studio is installed.
  2. Locate the following registry key: Computer\HKEY_CURRENT_USER\Software\UiPath and hit Enter.
  3. In the Registry Editor, right-click and select New > String Value. Type in the GovernanceSource name for the new value. Do not use another name for the value!
  4. Double-click the GovernanceSource string to edit. In the Value data field add the path to the uipath.policies.config file, and click OK.

The registry key should look like this:

To define the file path using an Orchestrator asset:

  1. In Orchestrator, select Tenant > Folders and add a new folder named uipath.settings.config.
  2. Assign the users for which to enforce the governance policy to the folder.
  3. In the uipath.settings.config folder, create a new asset and configure it as follows:
    • Asset name - uipath.studio.governancesource.
    • Type - Text.
    • Global Value - Select this option and enter the full path to the uipath.policies.config file in the text box.
      Optionally, you can apply different policies to different users by adding per-user values with paths to different files.
      :information-source: Note: Adding per-user values currently works only for Automation Cloud Orchestrator.

Using an Orchestrator Asset

  1. In Orchestrator, select Tenant > Folders and add a new folder named uipath.settings.config.
  2. Assign the users for which to enforce the governance policy to the folder.
  3. In the uipath.settings.config folder, create a new asset and configure it as follows:
    • Asset name - uipath.studio.governancepolicy.
    • Type - Text.
    • Global Value - Select this option and paste the entire contents of the uipath.policies.config file in the text box.
      Optionally, you can apply different policies to different users by adding per-user values and pasting different parameters.
      :information-source: Note: Adding per-user values currently works only for Automation Cloud Orchestrator.

Applying and Precedence

When a policy is defined, it is applied after Studio is restarted.

A message appears in the Workflow Analyzer settings window, Send Feedback window, in the Settings tab in Backstage View,, and in the Manage Packages window.

Studio applies the governance policy using the following order of precedence: Automation Ops > uipath.studio.governancepolicy > uipath.studio.governancesource > Registry key > local file.

If the governance policy is removed for the user, settings that were enforced through the governance file are persisted as defaults. However, now the user has the option to modify settings that were restricted when the governance policy was in place.

Updated about a month ago

Governance


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.