Supported authentication methods
- Última actualización2020/11/12
Supported authentication methods
Control Room supports the listed authentication methods.
Supported authentication methods
- Active Directory using LDAP
- Active Directory using Kerberos
- SAML
- Local authentication using a database
The benefits of integrating with Active Directory include the following:
- Easier adoption
- Integrates with an existing authentication solution, compliant with the standards.
- Maintainability
- All passwords and password policies are centrally administered.
- Better user experience
- Fewer passwords to remember.
Kerberos provides additional benefits over NTLM pass-through authentication.
- Open standard versus closed proprietary standard
- Mutual authentication of client and server
Integration with smart cards for 2FA
Local authentication manages user passwords via the Credential Vault. Passwords are hashed using the HMAC SHA512 algorithm, which is keyed by the output of the Password-Based Key Derivation Function (PBKDF2). User passwords are encrypted in transit via TLS 1.2.
All authentication and session management is handled via the well-tested Spring Security framework. Kerberos integration is provided via the well-tested Waffle framework. SAML integration is provided via the well-tested OneLogin framework.
Multi-domain Active Directory support
Automation Anywhere platform architecture supports single-forest multi-domain Active Directory integration. Control Room can be configured with Active Directory Global Catalogue Server in a way that Control Room, Bot Creators and Bot Runners can all be in same or different Active Directory domains of a single forest. This gives added flexibility and control for large-scale complex deployment where users are spread across geographies.
Multi-domain support is provided out of the box and no additional configuration is required. The Control Room user provisioning from different Active Directory domains is also seamless. It enables the Control Room admin to centrally orchestrate the digital workforce running across the globe.