Automation 360

Create OAuth connection

Download as PDF

Automation 360
Features, licenses, and deployment
- Platform licenses
  - Enterprise Platform
  - Automator AI Platform Base
- Deployment models
- Cloud licensing FAQ
Release Notes
- Automation 360 Release Notes
- Community Edition Release Notes
- Sandbox environment
- Package updates overview
- Previous Package SDK Release Notes
- Process Discovery Release Notes
- Browser extensions for Automation 360
- Automation 360 feature comparison matrix
- Automation 360 IQ Bot feature comparison matrix
- Automation 360 IQ Bot version compatibility
Automation 360 Cloud
- Automation 360 FAQ
- Automation 360 architecture and resiliency
- Automation 360 Cloud FAQ
- Automation 360 software lifecycle policy
- Automation resiliency
  - Managing unexpected pop-ups
    - Configure pop-up handling
  - Record automation execution
    - Configure automation recording
    - Manage automation recording
- Upcoming feature deprecations
- In-product user assistance
Automation and generative AI
- AI Agent Studio
- Automator AI
- Data security for generative AI - FAQ
Set up Automation 360
- Get started with Automation 360 Cloud
  - Automation 360 Cloud prerequisites
- Installing Control Room On-Premises
- Set up Community Edition
  - Community Edition capabilities
- Get started with Bot Agent
- Naming guidelines for Control Room URLs
- Post-installation user management
- Update Automation 360 to latest version
  - Update Automation 360 on Microsoft Windows Server using scripts
- Install and update Automation 360 IQ Bot
- Log in to Automation Anywhere Control Room
- Create your first bot
- Run your first bot
- Moving from Automation 360 On-Premises to Cloud
  - Moving data using Control Room operations
  - Migrate using Control Room APIs
- Migrate to Automation 360
Configure Automation 360
- Users
- Roles
- Manage licenses
  - View license details
  - Installing additional licenses
- Create your users and assign their licensed roles
- Configure Settings
- Edit My settings
  - Edit profile settings
- Set up your bot repository
- Working with repositories, credentials and roles
  - Manage user credentials
- Credentials and lockers in the Credential Vault
Manage Automation 360
- Devices
  - About multi-user devices
    - Configure RDP-based deployment for multi-user devices
    - Convert an existing device to a multi-user device
  - Edit multiple devices simultaneously
- About device pools
- Add queue, Bot Runner, and device pool
- Configure Active Directory in Control Room
- Configure OAuth connections in Control Room
- Packages
- External key vaults for Automation 360
- Workload management
- Bot Lifecycle Management
Monitor Automation 360
- Automation Command Center
- Automation program lifecycle with CoE Manager
- Activities
- Audit log
  - Audit events list
  - Export audit data to CSV
- Code analysis
- Notifications
- Control Room log files
Build automations
- Process Composer
- Interactive forms
  - Add a form to bot
- API Task
- Connector Builder
- Recorders
  - Universal Recorder for object-based automation
  - AISense for recording tasks from remote applications
- Task Bots
- Templates
- Bot Store
- Advanced bots and packages
- Troubleshooting and debugging
Automation Co-Pilot
Automation Co-Pilot for Business Users
- Embed automations in your application using Automation Co-Pilot
- Using Automation Co-Pilot for Business Users on desktop
- Automation Co-Pilot for Business Users on the web interface
- Approvals in Automation Co-Pilot
  - Using and sorting the Tasks view
- Automation Co-Pilot status and notifications
Users and roles for Automation Co-Pilot
- Create users for Automation Co-Pilot
- Create a team and assign roles to team members
- Manage roles and teams for Automation Co-Pilot
- Scheduler users and device pools in Automation Co-Pilot
- Configure deployment type for bots
Automation scenarios
- Scenario: Generating insurance quote with Automation Co-Pilot and Process Composer
- Scenario: Developing and using templates in an automation
Document Automation
- Document Automation processing workflow
- Document Automation FAQ
- Intelligent document processing solutions - feature comparison matrix
- Set up your Document Automation environment
- Create a learning instance in Document Automation
- Improve extraction accuracy through validation
  - Improve table data extraction
  - Lock the validation feedback
- Connect learning instance
  - Extracting data from check boxes
- Integrate third-party parser in learning instance
  - Create a parser and configure with learning instance
    - Sample codes for parser contracts
    - Sample SDK Project: AWS Textract
- Publish the learning instance to production
  - Build a bot to upload documents to Document Automation
  - Deploy the learning instance assets
- Validating documents through Automation Co-Pilot validator
  - Validate documents as Validator user
- Export or Import learning instances
  - Incorporating validation feedback in export/import of learning instances
- Create custom models in Document Automation using Standard Forms
- Document Automation support for Google Custom Document Extractor (CDE)
- Document Automation - Data extraction using generative AI
- Languages supported in Document Automation
  - Language support matrix and OCR engines
- Document Automation Community Edition
  - Create a learning instance in Community Edition
  - Process documents in Community Edition
Automation 360 IQ Bot
- IQ Bot architecture diagram
- Using Automation 360 IQ Bot On-Premises
- Using Automation 360 IQ Bot Cloud
- IQ Bot user personas and roles
  - Defining a custom role for IQ Bot
  - Creating a user with an IQ Bot specific role
- Languages supported in Automation 360 IQ Bot
- About the Classifier
  - Create a new document group
- Create a learning instance
- Train a learning instance
- Manage learning instances
- Rotate the external key
- Use the IQ Bot Validator
- Review the dashboard
  - Performance report page
  - Performance report details
- Custom domains in IQ Bot
- Using IQ Bot for standard forms
Process Discovery
- Overview of Process Discovery
  - Options to reduce exposure of sensitive data
- Process Discovery user roles
- Create Process Discovery users and assign roles
- Integrate SAML with SSO for Process Discovery
- Create your event reporting password
- Create a URL and application list
- Configure Observer activity
- Use Process Discovery with Kibana dashboard
  - Access the Kibana dashboard
- Create a cycle
- Classify application screens and create web applications
  - Applications with auto-assigned screen signatures
- Review Events and filter data
- Mining for processes
- Analyze and prioritize processes
- Creating groups for the process and generate a PDD
- Process Discovery - CoE Manager integration
- Getting started with Privacy Enhanced Gateway
- Process Discovery Sensor application
- Process Discovery FAQ
- Process discovery by using Discovery Bot
Bot Insight
- Business analytics through Bot Insight
- Accessing Bot Insight
- Using Bot Insight
  - Business analytics
    - Configuring a task for business analytics
- Using widgets
- Data connector for Power BI
- Configure Tableau web data connector in Bot Insight
API References
- Control Room APIs
- Filtering, pagination, and sorting
- API response codes
- Comparing Automation 360 and Enterprise 11 APIs
- Configure the Control Room
- Roles and permissions
- How to find a migration journalid
- Using Auto registration API
Glossary

Create OAuth connection

Download as PDF

Updated: 2024/07/04

Create OAuth connection

A Control Room administrator can create OAuth connections for users to use these connections in the authentication action for packages without having to enter any authentication details.

Note: The Salesforce mark and logo, the Microsoft SharePoint mark and logo, the Apigee mark and logo, ServiceNow mark and logo, and the Genesys mark and logo are trademarks or registered trademarks of Salesforce, Inc., Microsoft Corp., Google LLC, ServiceNow, Inc., and Genesys, respectively, and are used for identification purposes only.

Prerequisites

Ensure that you are using a user role that has the Manage connections permission enabled for the OAuth Connections feature. See Feature permissions for a role.

Ensure that you have configured an enterprise application and made a note of the Client ID, Client secret, Authorization URL, Token URL, and scope. See Configure enterprise applications.

The following table provides the format of the Authorization URL, Token URL, and scope for the supported enterprise applications:


Enterprise applications	Authorization URL	Token URL	Scope
Apigee	https://accounts.google.com/o/oauth2/auth?prompt=consent&access_type=offline	https://accounts.google.com/o/oauth2/token	https://www.googleapis.com/auth/cloud-platform
Genesys	https://login.<yourinstance>.pure.cloud/oauth/authorize	https://login.<yourinstance>.pure.cloud/oauth/token	Not required
Microsoft Entra	https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize	https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token	Authorization code Flow: offline_access, openid OR Client credential flow: https://graph.microsoft.com/.default
Salesforce	https://<yourinstance>.salesforce.com/services/oauth2/authorize	https://<yourinstance>.salesforce.com/services/oauth2/token	api,refresh_token,offline_access
ServiceNow	https://<yourinstance>.service-now.com/oauth_auth.do	https://<yourinstance>.service-now.com/oauth_token.do	Not required
SharePoint	https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/authorize	https://login.microsoftonline.com/<tenant-id>/oauth2/v2.0/token	https://<domain-name>/AllSites.Manage, offline_access, openid Note: The OpenID scope is required only when your apps require the sub claim in the ID token to identify the end-user. Otherwise, this scope is optional.
Google Workspace (Calendar, Drive, Sheets and Gmail)	https://accounts.google.com/o/oauth2/auth?prompt=consent&access_type=offline	https://oauth2.googleapis.com/token	Google Sheets: https://www.googleapis.com/auth/drive, https://www.googleapis.com/auth/spreadsheets Google Drive: https://www.googleapis.com/auth/drive Google Calendar: https://www.googleapis.com/auth/calendar Gmail : https://mail.google.com/ (or) https://www.googleapis.com/auth/gmail.readonlyhttps://www.googleapis.com/auth/gmail.send

Note: We recommend that you use refresh tokens that are configured for a longer expiry duration. See Use AuthConfig App to enable OAuth2 services.

To create an OAuth connection:

Procedure

Navigate to Manage > OAuth connections.
Click Create connection.
The Connection settings screen appears.
Select a Provider type.

Note: The Callback URL is used in your enterprise application configuration settings to connect to the Control Room.
Enter a unique Connection name to identify the connection.
Optional: Enter a Description for the connection.
Click Next.
The Authentication details screen appears.
Select a Grant type. See Authorization Code Flow and OAuth client credentials flow.

Note: If you are configuring for a Google Cloud Platform (GCP) account, select Authorization Code Flow because Control Room managed OAuth connection using Authorization code flow with PKCE is currently not supported.
Enter the Client ID that is provided by the provider for your account.
Enter the Client secret that is provided by the provider for your account.
Enter the Authorization URL used to obtain an authorization code for your account.

Note: For Apigee or Google Cloud Platform (GCP) account, you must append &access_type=offline to the authorization URL. For example: https://accounts.google.com/o/oauth2/v2/auth?prompt=consent&access_type=offline.
Enter the Token URL used to exchange an authorization code for an access token.
Optional: Enter Scope.

This information is used as claims (information about the user) in an access token and forwarded to the resource server to limit access.
Note: If you are adding more than one scope, ensure that you separate the scopes using commas or space separated delimiter.
Click Next.
The Test connection and save credentials screen appears.
Optional: Select the Save login credentials.

Note: Use this option only when you want to generate a shared token that allows users to use this connection without providing user authentication and consent. When you select this option, you must select the Shared token type option when using this connection. See OAuth tokens.
Optional: Click Save changes and test connection.

Note: After you click the Save changes and test connection option and if the connection is successful, the Next button is disabled. Click the Back button, enter the Client secret again, and then click Next. You need not test the connection again unless you have made any changes to the previously provided authentication details.
Click Next.
The Invite roles screen appears.
Select the roles that you want to invite to use this connection. Only invited roles can use the token in a bot, whether it is private, shared, or both.

Invite roles action is mandatory if a Bot uses the OAuth connection. This action is optional if an external connection will use the OAuth connection.

Note: Only custom roles are displayed in the list of Available roles.
Click Create connection. An OAuth connection is created.

The following video shows how to create an OAuth connection:

Next steps

Use OAuth connection