Settings

Use the Settings tab to configure the connection to the Credential Vault, enable email notifications, integrate the Control Room with a Git repository, enable secure recording mode, and configure user authentication.

Bots

Secure recording mode ensures that sensitive data is not stored in the bots. When secure recording mode is enabled, the bots do not capture values of certain properties or store application images. You can enable this setting for some or all users of the Control Room.
Note: Secure recording mode only applies to bots that are created or edited after the mode is enabled.

Click Edit in the Bots tab to enable or disable secure recording mode. See Secure recording.
Bot validation performs an additional compile time validation on migrated bots at the preprocessing stage to save your time and effort. By default, the Bot validation feature is set to Off.
Note: You must be a Control Room administrator to view and edit the validation option.

Navigate to Administration > Settings > Bots and set the bot validation option to On to detect compilation errors with bots.

Validation happens at the time of running the bot, for new bots. For migrated bots, this check is performed immediately after bot migration, per configuration.

For example, if a parent bot calls a child bot and the child bot has compilation errors, these errors are displayed when you try to run the parent bot. This ensures that an error does not occur in the middle of an automation or make it an incomplete automation.

In the Bot migration results page, select a bot that needs review. Click the three dots under Reason tab to see the details. With the Bot validation feature set to On, the bots that have compile time errors are displayed as a separate line entry in the migration report.

Migrated bots with compilation errors are shown in Successful with Review section of the migration report and ensures that you can get a list of bots that require your attention.
Loop package enables you to run a sequence of actions repeatedly for a specific number of times or until a specific condition is met.
For bots that were created using the Loop action in Automation 360 v.26 or earlier releases, you can enable the Legacy Loop behavior option from the Administration > Settings to iterate the loop based on the specified value.
In the Legacy Loop behavior tab, click Edit to select one of the following options:
1. Enabled: Loop is iterated based on the specified value. When you select this option and either increment or decrement the variable value in the end condition, loop iterations will not vary dynamically based on the new value generated.
2. Disabled: Loop iterations will continue to vary dynamically based on the variable value generated in the end condition.

Policies

Code Analysis: Enable the code analysis feature to run code analysis on your automations. This feature analyzes the code and displays a list of violations based on a set rules. You can review and fix any coding or stylistic errors for your automation.

Code analysis| Code analysis policy management

Devices

When there is a new version of the Bot Agent, it is automatically updated.

IQ Bot

View the website address where IQ Bot is currently installed, if applicable. Click Edit to update the IQ Bot URL.

Document Automation Settings

Enable or disable external service connection for using generative AI capability in Document Automation Cloud instances based on region of deployment. Administrators can now enable the generative AI capability here, in the Control Room settings with a valid cloud license. When this setting is enabled, Professional Developers can create learning instances and process documents using Google Document AIGoogle Document AI, Google OCR, and Microsoft OpenAI services. Currently, you can select the region based on your region of deployment and choose between US and EU.

Note: This feature is available for Document Automation Cloud tenants only.

Email

All users must confirm email accounts by clicking the confirmation link that they receive, set the password, and security questions before user can log in to the Automation Anywhere Control Room. By default, email notifications are disabled. Hover over the Edit icon to make changes.

Edit email notifications

Git integration

Remote Git repository must support Git LFS (Large File Support). Bots are synced using standard Git push over HTTPS.

CoE Manager

Enable access to CoE Manager from the Control Room so that you can access CoE Manager from the quick links section on the Control Room home page.

Enable CoE Manager

Login settings

For security, privacy, or any other pertinent announcement, you can provide an additional statement, such as consent text, in the Login settings section. The statement is visible to users every time they log in to the Control Room.

This statement on the login page is disabled by default. If you enable it, you can also provide an option (using a check box) for users to read and accept the statement before logging in to the Control Room.

Security settings

Password Configuration

Administrators can configure password requirements for users to log in to the Control Room. This configuration prevents users from setting weak or most commonly used passwords that might prevent unauthorized access to the Control Room.

Password length (characters): Password length determines the strength of a password.

Minimum: Set the minimum number of characters allowed for the password. By default, the minimum number of characters is set to eight and the number cannot be reduced further.
Maximum: Set the maximum number of characters allowed for the password. By default, the maximum number of characters is set to 50 and cannot be set to more than 64 characters.

You can also enforce the users to include one of the following characters in the password:

A number
An alphanumeric letter
A symbol
A capital letter

Note:

On-Premises users: The check-boxes for Alphabetical character, Number, Capital letter, and Special character are enabled, and the user can select or deselect the options.
Cloud users: The check-boxes for Alphabetical character, Number, Capital letter, and Special character are disabled, and the user cannot select or deselect the options.

Repetitive Characters: Repetitive characters such as aaaa, bbbb, cccc, and so on in passwords make it easier for attackers to guess the password and are considered to be weak passwords.

Allow unlimited repetitive characters: This option is set as default and allows users to use unlimited repetitive characters in their passwords. Selecting this option might allow users to set weak passwords and vulnerable to attacks.
Limit repetitive characters: Select this option to restrict the users from using repetitive characters in their passwords. Set the repetitive characters limit in the Maximum characters can be repeated option. If you set this limit as one, then no characters in the password can be repeated. If you set this limit as two, users can use two repetitive characters in their passwords. For example, users can use aa, bb, and so on in their passwords.

Sequence Characters: Sequential characters such as qwerty, 123456, abc123, and so on in passwords make it easier for attackers to guess the password and are considered to be weak passwords.

Allow unlimited sequence characters: This option is set as default and allows users to use unlimited sequential characters in their passwords. Selecting this option might allow users to set weak passwords and vulnerable to attacks.
Limit sequence characters: Select this option to restrict the users from using sequential characters in their passwords. Set the sequential characters limit in the Maximum characters can be used in sequence option. If you set this limit as one, then no characters in the password can be used in a sequence. If you set this limit as two, users can use two sequential characters in their passwords. For example, users can use 12, ab, and so on in their passwords.

Restrict common passwords from the system: Allowing users to use common passwords such as 123456, qwerty123, 1q2w3e, and so on makes it easier for attackers to guess the passwords and are considered to be weak passwords.

Do not restrict common passwords: This option is set as default and allows users to use commonly used passwords. Selecting this option might allow users to set weak passwords and vulnerable to attacks.
Restrict common passwords: Select this option to restrict the commonly used passwords. Add the commonly used passwords on separate lines in the text box to avoid users using such passwords.

Set minimum number of days before a user can change their password: If you allow users to change their passwords anytime, they can continue to use the same password even if there is a restriction about not using the last few instances of their passwords. Fox example, if a user is prompted to change their password and restricted to not use any of their last three passwords, the user can change the password three time continuously and set their existing password the fourth time. Setting a minimum number of days before a user can change their password restricts the user from using the same password when they are prompted to change their password.

Disabled: This option is set as default and allows users to change their passwords anytime. Selecting this option might allow users to use the same password and vulnerable to attacks.
Enabled: Select this option to set the number of days users are restricted from changing their passwords. The maximum number of days that you can set is 10. For example, if you set the days to five, a user can change their password again only after five days of changing their password.

Captcha and user lockout: This option prevents attackers from using scripts or bots to guess user credentials and locks the user account after certain unsuccessful login attempts.

Captcha on: This option is set as default and prompts users to solve a captcha before logging into their account. Set the Lock the user out after unsuccessful login attempts option to lock the user after the set number of unsuccessful login attempts.
Lockout on: Set the Lock the user out after unsuccessful login attempts option to lock the user after the set number of unsuccessful login attempts.

API-Key duration

The generated API-Key is used to authenticate users. You can customize how long the generated API-Key is valid to authenticate users until either:

A selected duration is reached (in minutes or days), or
A new API-Key is generated

Note: You determine the validity duration based on your organization's requirements. Maximum supported API-Key duration is 1 to 14,398,560 minutes, or 1 to 9,999 days.

Time-out session settings

You can enable time-out settings to automatically sign out users from the Control Room browser session after the specified minutes of inactivity. You can set the Time-out session setting field to one of the following values: 10 minutes, 20 minutes, 30 minutes, 40 minutes, 50 minutes, 1 hour, 2 hours, 4 hours, 8 hours, 12 hours, 24 hours, or 7 days. You can configure the session using increments of 10 minutes or 1 hour. The default value is 20 minutes, which means you will be logged out of the session after 20 minutes of inactivity.

File upload settings

As an Administrator, you can restrict the upload of executable files (dll files, media type application/x-msdownload) to prevent a security breach. To use this feature, enable the File upload settings in Administration > Settings > Security settings.

Two factor authentication (2FA): Enable 2FA to provide an additional layer of defense against unauthorized users from accessing the Control Room. As an administrator, you can set up 2FA so that the users can validate their identity when logging in to the Control Room using both their user credentials and a second authentication factor.
Two-factor authentication

Historical activity retention

If you want to retain historical activities for only a limited period to save storage space or if you do not want to retain historical activities, configure your settings to automatically purge (delete) such activities.

Cloud: By default, the historical activities are set to be deleted after 90 days. You can configure this value by setting a minimum value of 1 day to a maximum value of 90 days. This option is always enabled.
On-Premises: You can choose the following options:
- Do not purge: Historical activities are retained and never deleted.
- Purge: By default, the historical activities are set to be deleted after 365 days. You can configure this value by setting a minimum value of 1 day to a maximum value of 365 days.
  Note: This feature is set to Do not purge when you update from a previous release to v.31 or later releases or when you directly set up v.31 or later releases.

Audit log retention

If you want to retain audit log entries for only a limited period to save storage space or if you do not want to retain historical audit log entries, configure your settings to automatically purge (delete) such entries.

Do not purge: Audit log entries are retained and never deleted.
Purge older than 15 months: Audit log entries that are older than 15 months are automatically deleted.

If you are updating to v.30 release from a previous release, then you must manually enable the Purge older than 15 months option.
If you are directly setting up v.30 or later releases, the Purge older than 15 months option is enabled by default.
The audit log entries are deleted once a week from the time the Purge older than 15 months option is enabled.

Bot promotion settings: Add the approved list of target URLs so that you can move bots and files between Control Room instances in a single flow, thus avoiding the multi-step export and import process.
Move bots across environments

Notification settings

Manage the notification settings for notification categories and channels. The notification settings defined by the Control Room administrator are applicable for all the Control Room users. Based on these defined settings, Control Room users will be notified about the events.

Administer notifications for Control Room.

User authentication

Configure the to authenticate users through the database option or switch to a SAML Identity Provider (IdP).

Set up SAML authentication

Network settings

Forward Proxy Configuration

Configure a forward proxy so that Control Room features can connect to Cloud-hosted Control Room services outside of customer's internal network.

Configure forward proxy settings

External key vault

External key vaults provide a way to securely store and retrieve credentials using a third-party key manager such as CyberArk, Azure, and AWS Secrets Manager.