All automation actions, for example, create, view, update, deploy, and delete, across the Automation Anywhere Enterprise are done only after Enterprise Control Room authentication is successfully completed.

After authentication is successful, the platform applies a second mandatory level of access control enforcement in the form of fine-grained Role-Based Access Control (RBAC).

Automation Anywhere offers seamless integration with Microsoft Windows Active Directory for access to the Enterprise Control Room, Bot Creators, and Bot Runners. When Enterprise Control Room is integrated with the Active Directory, all the Active Directory users with basic details are directly available in the Enterprise Control Room without any extra configuration. For Active Directory integration, user passwords stay in only Active Directory and are not saved in the platform.

In addition to Active Directory authentication, the Enterprise Control Room has its own controls to prevent unauthorized access to any automation data. See Dynamic access token authentication of Bot Runners:.

Bot Runner users can also configure their Active Directory credentials for Bot Runners machine autologin. These credentials are saved in the centralized Credential Vault.