Configure unattended automations on remote devices with MCP inbound

Agent Interoperability with MCP (Model Context Protocol) lets third-party AI assistants safely start unattended Automation Anywhere automations on remote devices.

Unattended automation execution from AI assistants

This feature allows you to build fully autonomous AI agents that can carry out business processes from start to finish without needing human help. By clearly separating invocation and execution identities, the platform supports autonomous AI agents while preserving enterprise security, governance, and operational consistency.

You can use this feature to:
  • Update purchase orders (POs) in SAP
  • Execute procurement and ERP workflows
  • Run unattended automations on remote devices from AI-driven requests

Every automation started through MCP contains both of these user roles:

Role Description
Task Invoker Someone who requested it. The user who triggers the automation from a third-party system (for example, Joule or another AI assistant).
Task Executor Someone whose credentials executed it. The user identity whose credentials are used to run the automation on devices and business applications.

Automation execution modes

When configuring MCP remote deployment, you select how to run the automation.

Automation (Task) Invoker user: The automation runs as the same user who triggered it.

Behavior Use Cases
  • The Task Invoker and Task Executor are the same user.
  • Automation permissions, device permissions, and auto-login credentials are validated for the invoker.
  • If the invoker is an attended bot runner user, the automation runs on the user’s default device.
  • Device override selections are ignored in this scenario.
    Note: If device overrides are selected while running as an attended invoker user, the system displays an error message and uses the default device.
  • Regulated environments requiring strict user-level accountability.
  • Scenarios where automations must run strictly under the requesting user’s credentials.

Specific user (Task Executor, run-as user):The automation is triggered by one user but executed by another user.

Behavior Use Cases
  • Task Invoker: Business user who triggers the automation
  • Task Executor: Selected run-as user
  • The automation:
    • Unlocks devices using the executor’s credentials
    • Accesses business applications (for example, SAP) using the executor’s identity
  • Device selection:
    • Uses the executor’s default device
    • If unavailable or overridden, uses selected device pool in the order configured
  • Fully autonomous AI agents.
  • Shared or service accounts
  • Large-scale unattended automation
  • Scenarios where end users do not require direct execution credentials

Permissions and access control

Automation Anywhere enforces existing security and RBAC policies without modification.

User Permissions
  • The Task Invoker must have permission to run the automation.
  • The Task Executor must have:
    • Bot permissions
    • Access to the assigned device pool
    • Valid auto-login credentials for unattended execution
Note: Available run-as users and device pools are filtered based on the logged-in user’s permissions. Users only see options they are authorized to use.

Prerequisites

  • You have the Agent connections permission in the Control Room.
  • The automation is checked in and is a supported type (process, task bot, or API task). Automations that use dictionary, record, table, session, window, or file variable types cannot be exposed as inbound tools.
  • At least one run-as user with a bot-running license and an available device or device pool is configured in the Control Room.

To configure an inbound tool and run an automation unattended on a remote device:

Procedure

  1. Sign in to the Control Room, navigate to AI > Agent connections, open the agent connection you want to configure, then click +Add > Inbound tool.
  2. On the Select automation step, click Browse, select the automation from the Find a file dialog, then click Choose.

    Only supported automation types that have not already been added to this connection appear in the list. If multiple versions of the automation exist, the latest version is used.

    Add Inbound Tool Select Automation
  3. In the Tool name field, confirm or update the name (maximum 128 characters), enter a description in the Description field (maximum 2,000 characters), then click Next.

    The description is used by the AI agent to determine when and how to call the tool. Write it as a clear action statement.

  4. On the Variable details step, for each input and output variable you want to expose, select Required and enter an AI-facing description, then click Next.

    All required variables must be selected to avoid runtime failures. Describe each variable in plain language so the AI agent knows what value to supply — for example: First name of the user as it appears on their government-issued ID.

    Note: Unsupported variable types (dictionary, record, table, session, window, file) do not appear and cannot be selected.
  5. On the Run-as users step, select Select specific user, click + to open the Add items dialog, select one or more run-as users, click Add, then click Next.

    The selected users become the Task Executors at runtime. If a run-as user does not have a compatible default device, assign a device pool in the next step. To run the automation as the user who triggers the MCP request instead, select Use automation invoker.

  6. On the Device pools step, click + to add one or more device pools, arrange them in priority order, then click Next.

    When a run-as user's default device is unavailable or incompatible, the automation deploys to the first available device found in the selected pools, checked in the order listed. To route all executions through the pool regardless of the user's default device, turn on Override default device.

  7. Review Resiliency settings and General settings as needed, then click Add.

    Resiliency settings and General settings are optional. General settings defaults to an automation priority of Medium. Each completed wizard step is indicated with a green check mark.

The inbound tool is added to the agent connection and is available for external AI agents to discover and invoke over MCP. The automation runs unattended on the configured run-as users and device pools each time the tool is called.

Next steps

To verify that the tool is discoverable, connect an MCP client to the agent connection endpoint and confirm the tool name and description appear in the client's tool list. For information about connecting an MCP client, see Configure an Agent connection (MCP inbound tool).