Authentication for Bot Runners

Two layers of authentication are present for deploying the bots on remote Bot Runners.

The Bot Runner is logged on/connected/unlocked using the configured credentials. These credentials are fetched from the centralized Credential Vault over HTTPS. This first level of authentication is done against the domain automatically, on behalf of the user and is called Bot Runner autologin.

After being authenticated, Bot Runners can be authorized to execute bots independently and asynchronously.

The following table shows what happens to the user session on the Bot Runner after bot deployment.
User session status before bot deployment During deployment User session after bot execution finishes
No session exists Create a new session and deploy the bot Log off
Unlocked Deploy the bot Session remains unlocked
Locked Unlock the session and deploy the bot Session is relocked
Disconnected Unlock the session and deploy the bot Log off