As an Organization Administrator with access to the Licenses and Cloud Services portal, you use the AuthConfig App to manage the relationship between a set of Automation 360 Control Room instances and our OAuth2 (Open Authorization) services.

OAuth2 services are used to interact with the Automation 360 Control Room by third-party applications. Additionally, Document Automation uses OAuth2 services to communicate with hyperscalers for generative AI (GenAI). Currently, you can only use the PixieBrix extension to use the OAuth services to interact with the Control Room.

Note: The availability of this feature is based on your region.
For more details regarding licenses and the PixieBrix extension, click:

You use OpenID tokens to authenticate to the AuthConfig App.

Token overview

Automation Anywhere and the AuthConfig App support the following token types:

  • Control Room registration token: The AuthConfig App generates this token which you enter in the OAuth Settings panel of the Automation 360 Control Room. The Control Room registration token establishes the identity of your Control Room to the AuthConfig App. For example, as a client, PixieBrix can consume access tokens to authorize access to Control Room APIs using the access token provided by the authorization provider/server.
  • Access token: A JSON web token generated from an authorization provider after authenticating with an Identity Provider (IdP). Access tokens contain claims that provide information to a resource server. API calls use access tokens to enable an authorized client to gain access to data on the resource server.
  • Refresh token: Refresh tokens provide a method to get new access tokens without having to collect and authenticate credentials every time an access token expires.

The AuthConfig App generates Control Room registration tokens to enable OAuth2 services.

AuthConfig App registration token flow The AuthConfig App token registration diagram illustrates token registration work flow:

  1. The Administrator uses the AuthConfig App to generate a registration token.
  2. The registration token is stored in the database.
  3. The Administrator enters the generated registration token into the OAuth Settings in the Automation 360 Control Room.
  4. The registration token is stored in the database.
  5. The registration token is then sent to the AuthConfig App where if the token matches the token stored in the database, the Control Room is registered.
Note: Authorization code flow with PKCE is currently supported.

Benefits

You use the AuthConfig App to:

  • Enable or disable OAuth2 services for an Automation 360 Control Room (On-Premises or Cloud).
  • Configure an Identity Provider (IdP) configuration using a SAML authentication connection for your organization.
  • Generate registration tokens for each Control Room to securely enable OAuth2 services.
  • Enable OAuth2 services for Document Automation to communicate with hyperscalers for generative AI (GenAI).

For details about accessing automations in a web scenario with Automation Co-Pilot (extensions) and using a custom widget through Google Chrome extensions, click here.

Prerequisites

Before you use the AuthConfig App:

  • Create your Automation Anywhere community (Apeople) credential: A-People home page (login required).
  • From the Automation 360 Control Room, you must register and enable Control Room instances with OAuth2 services to use the access tokens.

After you complete the prerequisites, you can access the AuthConfig App.