Enterprise 11: Identity and authentication
All automation actions, for example, create, view, update, deploy, and delete, across the Automation Anywhere Enterprise are done only after Control Room authentication is successfully completed.
After authentication is successful, the platform applies a second mandatory level of access control enforcement in the form of fine-grained Role-Based Access Control (RBAC).
Automation Anywhere offers seamless integration with Microsoft Windows Active Directory for access to the Control Room, Bot Creators, and Bot Runners. When Control Room is integrated with the Active Directory, all the Active Directory users with basic details are directly available in the Control Room without any extra configuration. For Active Directory integration, user passwords stay in only Active Directory and are not saved in the platform.
In addition to Active Directory authentication, the Control Room has its own controls to prevent unauthorized access to any automation data. See Dynamic access token authentication of Bot Runners:.
Bot Runner users can also configure their Active Directory credentials for Bot Runners machine autologin. These credentials are saved in the centralized Credential Vault.