- 入门指南
- 最佳实践
- 租户
- 注册表
- Cloud Robots
- Automation Suite 机器人
- 文件夹上下文
- 流程
- 作业
- Apps
- 触发器
- 日志
- 监控
- 索引
- 队列
- 资产
- 连接
- 业务规则
- 存储桶
- MCP 服务器
- Orchestrator 测试
- 资源目录服务
- 集成
- 故障排除
Orchestrator 用户指南
Interactive login is designed for developers working locally who need quick access to test MCP Servers. The client in this method is the UiPath CLI (uipath command-line tool) running on your development machine.
When you run uipath auth, the CLI opens your default browser to the UiPath Cloud login page. After you authenticate, the CLI saves the resulting Bearer token to a .env file in your current directory. You then include this token in the Authorization header of your HTTP requests to the MCP Server endpoint.
Interactive login is suitable for the following scenarios:
- Local development and testing of MCP Servers.
- Quick API testing with cURL, Postman, or MCP Inspector.
- Debugging MCP tool calls with full user permissions.
- Any scenario where a human developer is present at the terminal.
It is not suitable for unattended or automated scenarios. In this case, use an external application instead. For IDE integrations, use the MCP OAuth flow.
先决条件
- The UiPath CLI is installed on your development machine.
- You have an account with the Automation User, Automation Developer, or Folder Administrator role in the folder containing the MCP Server.
Authenticate and call an MCP Server
-
Authenticate to UiPath:
uipath authuipath authThe CLI opens your default browser. Log in to UiPath Cloud to complete authentication. The CLI saves the resulting Bearer token to a
.envfile in your current directory asUIPATH_ACCESS_TOKEN. -
Export the token to your shell environment:
export UIPATH_ACCESS_TOKEN=$(grep UIPATH_ACCESS_TOKEN .env | cut -d= -f2)export UIPATH_ACCESS_TOKEN=$(grep UIPATH_ACCESS_TOKEN .env | cut -d= -f2) -
Call an MCP Server using the exported token:
curl -X POST "https://cloud.uipath.com/{org}/{tenant}/agenthub_/mcp/{folderKey}/{slug}" \ -H "Authorization: Bearer $UIPATH_ACCESS_TOKEN" \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"initialize","params":{"protocolVersion":"2025-06-18","capabilities":{},"clientInfo":{"name":"curl","version":"1.0"}},"id":1}'curl -X POST "https://cloud.uipath.com/{org}/{tenant}/agenthub_/mcp/{folderKey}/{slug}" \ -H "Authorization: Bearer $UIPATH_ACCESS_TOKEN" \ -H "Content-Type: application/json" \ -d '{"jsonrpc":"2.0","method":"initialize","params":{"protocolVersion":"2025-06-18","capabilities":{},"clientInfo":{"name":"curl","version":"1.0"}},"id":1}'
结果
The MCP Server validates the token and responds to the initialize request. You can then send subsequent MCP protocol messages with the same Authorization header on every request.
Token characteristics
- Type: JWT
- Audience: includes
OrchestratorApiUserAccess - Issuer: UiPath Identity Server (
{env}.uipath.com/identity_) - Expiry: one hour. There is no automatic refresh, re-run
uipath authto get a new token.
The token grants:
- Access to all folders where the logged-in user has role assignments.
- All permissions the user has in those folders (inherited from their roles).
- Compatibility with Integration Service activities (user context is present).
Applicable MCP Server types
This authentication method works with all MCP Server types: UiPath, Coded, Command, Self-hosted, Remote, and Platform.