Configure the Control Room to authenticate users at login using the Single Sign-On option through either identity provider (IdP) Okta or SSOCircle, using Security Assertion Markup Language (SAML) 2.0 protocol.

1. Double-click the Automation Anywhere Control Room icon on your desktop.

   The Configure Control Room settings page appears.

2. Type the repository path.
   This is the location where the uploaded automation files, for example, MetaBots, IQ Bots, and TaskBots are stored. For example, C:\ProgramData\AutomationAnywhere\Server Files.
3. Type the access URL.
   This is the URL for accessing your installation of Control Room.
4. Click Save and continue.
   Warning: The back button of your web browser automatically disables after you click Save and continue. This ensures that the Credential Vault Master Key that generates matches the repository path and Control Room access URL.

   To return to the Configure Control Room settings page, press Ctrl plus F5 and restart.

   The Credential Vault settings page appears.
5. Select from the following options:
   • Express mode: The system stores your master key to connect to the Credential Vault. This option is not recommended for a production environment.
   • Manual mode: You store the Master Key on your own, and then provide the Master Key when the Credential Vault is locked. Users use the Master Key to connect to the Credential Vault to secure their credentials and access them when creating and running TaskBots.
     Warning: If you lose the key, you will not be able to access the Control Room.
6. Click Save and continue.
   Warning: The back button of the web browser automatically disables after you click Save and continue. No further changes to the Control Room configuration or Credential Vault settings are allowed.

   To make changes, reinstall the Control Room.

   The Authentication type for Control Room users page appears.
7. Select Single Sign-On (SAML 2.0).
8. Copy and paste the SAML Metadata from the Identity Provider metadata XML file you created when configuring your SAML application.
9. Provide the Unique Entity ID for Control Room.
   The ID is the same as Audience URI that you provided when configuring your SAML application.
10. Optional: Select Encrypt SAML Assertions for enhanced security
    Ensure you are using the X509 Certificate format and PKCS #8 format for public and private key respectively.
    Note: You must provide the certificate of the service provider, in this case the Control Room, and not the Identity Provider's certificate.
11. Click Next.
    The Registering Control Room panel appears.
    Follow the steps to register the Control Room as a service provider.
12. Click Authenticate with IdP.
    On successful authentication, the user is added to the Control Room and the Control Room first administrator page appears with the Username, First name, Last name, and Email fields prepopulated.
13. Click Save and log in.

    You are logged in to the Control Room as an administrator. You can now configure and manage the overall RPA environment with Control Room and clients.