Banner background image
Orchestrator User Guide
Last updated 2024年5月20日

Configuring SSO: SAML 2.0

Orchestrator can handle single sign-on (SSO) authentication based on SAML 2.0. To enable it, both Orchestrator/Identity Server as Service Provider, and an Identity Provider must be properly configured so that they can communicate with each other. If SAML is enabled and correctly configured, a button is displayed at the bottom of the Login page. If the external identity provider uses a multi-factor authentication protocol, the user needs to comply to the corresponding rules as well in order to successfully log in.


Orchestrator/Identity Server supports multiple identity providers. In this guide we exemplify the following:


To enable SAML authentication, the high-level process is as follows:

  1. Define a user in Orchestrator and have a valid email address set on the Users page.

    This applies if your email address is set as a SAML attribute. You can configure a custom mapping strategy as well.

  2. Import the signing certificate provided by the Identity Provider to the Windows certificate store using Microsoft Management Console, and set Orchestrator/Identity Server to use it accordingly.
  3. Add the configuration specific to the identity provider you want to use in the Saml2 settings (Users > Authentication Settings > External Providers), making sure the Enabled checkbox is selected. Follow the instructions for the identity provider you use:

  • Overview

Was this page helpful?

Get The Help You Need
Learning RPA - Automation Courses
UiPath Community Forum
Uipath Logo White
Trust and Security
© 2005-2024 UiPath. All rights reserved.