Skip to main content

Authentication for Pega Robot Manager users

Authentication is the process of granting users access to system objects, based on user identity. Authentication in Pega Platform™ ensures that users verified by password, token, or certificate can access the proper set of applications. Pega Robot Manager supports basic authentication and single sign-on (SSO) to authenticate client requests from Pega Robot Studio and Pega Robot Runtime.

It is a best practice to configure authentication requirements before creating users to access Pega Robot Manager, because the default authentication method depends on the user's Access Role and dynamic system settings. There are separate settings for the RuntimeUser Access Group and users with more Access Roles than a RuntimeUser. For more information about defining the authentication method, see Specifying the default authentication method for new Pega Robot Manager users

Basic authentication

Basic authentication is a simple scheme that validates usernames and passwords against operator records stored in the Pega database. The process of using basic authentication differs for attended and unattended robots. 

With attended robot operators, the case worker starts Pega Robot Runtime manually and needs to provide basic authentication credentials so that the robot operator can download the automation package and start working. When the password changes due to its expiration or update, the case worker must manually change the password in Pega Platform, as shown in the following figure: 

The scheme presenting the use of the basic authentication method and the password update procedure.

For unattended robots, to securely connect robot operators to Robot Manager and maintain operational flexibility, the RPA service uses three operator types for each robot operator to run.

In the following image, click the + icons to learn more about each step in the registration sequence of unattended robot operators:


Note: The RPA Service and Runtime operators are created dynamically during the registration process, and the system generates the credentials for these operators on the fly.   

For more information about the process of setting up basic authentication, seeAuthenticating Pega Robot Manager users through the basic method


Single sign-on

Single sign-on (SSO) allows users to securely authenticate to multiple applications (and websites) by authenticating once with an Identity Provider (IdP). You can enable single sign-on through OAuth SAML 2.0 and Kerberos to securely authenticate the domain user with Pega Robot Manager.  

For more information on SSO processes (Kerberos and OAUTH), see Understanding single sign-on authentication for Pega Robot Manager users

Check your knowledge with the following interaction: 

This Topic is available in the following Module:

If you are having problems with your training, please review the Pega Academy Support FAQs.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega Academy has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice