Read and Review Automation Anywhere Documentation

Automation 360

Close Contents

Contents

Open Contents

Set up SAML authentication

  • Updated: 10/09/2021
    • Automation 360 v.x
    • Install
    • RPA Workspace

Set up SAML authentication

Switch an authenticated environment Control Room database to a SAML identity provider (IDP).

Prerequisites

Note: SAML integration is irreversible. Once in place, the configuration may not be modified.

This task is performed by the Control Room administrator. You must have the necessary rights and permissions to complete this task. Ensure you are logged in to the Control Room as the administrator.

Introducing credentials on a new system, prior to importing users, other setup tasks may be required before setting up Authentication for the Automation Anywhere Control Room. If users are imported, there must be matching userIDs, email addresses, first and last name, in both Automation Anywhere credentials and matching records in order to login after the SAML integration. For example, if using Okta as a SSO,users must have matching IDs, email addresses, first name and last names in both Automation Anywhere and Okta in order to login after the SAML integration.

Have the necessary user information and certificate ready. Typical user information consists of userID, first and last name, and an email address.

Note: The SAML IDP side setup must be validated before configuring the Control Room. See Configure the Control Room as a service provider.

Much of this configuration is reliant upon third party applications to create the necessary metadata. Should you require more specific configuration information based on a specific provider, please refer to the associated Knowledge Base articles provided.

See Automation 360 steps to configure SSO authentication With Okta As ID provider (A-People login required for more details.

To switch the Control Room to a SAML-authenticated environment, follow the steps outlined below.

Procedure

  1. Navigate to Administration > Settings > User authentication.
  2. Select the Use SAML option.
    Note: The Use Control Room database option is selected by default.
  3. In the SAML metadata field, enter the metadata from your SAML IDP setup.
    <saml2:AuthnStatement AuthnInstant="authenticated_instance" SessionIndex="index_value_required">
  4. In the Unique Entity ID for Control Room (Service Provider) field, enter the entity ID.
  5. In the Encrypt SAML Assertions field, select one of the following options:
    OptionDescription
    Do not encrypt SAML assertions are not encrypted.
    Encrypt SAML assertions are encrypted.
  6. Optional: Enter the Public key and Private key values.
    Note: Enter keys only if you require encrypted SAML assertions.
  7. Click Validate SAML Settings.
    The Control Room will login through the SAML provider and redirect back to the Control Room User Authentication page.
    When you click this option, you will be redirected to a SAML 2.0 service provider web page where you will be prompted to enter credentials and other data.
  8. Login to your provider when prompted.
  9. Click Save changes.
Send Feedback