UiPath Orchestrator

The UiPath Orchestrator Guide

Storing Robot Credentials in CyberArk

Before beginning the procedures below, make sure you have configured your CyberArk® integration as provided here.

Adding Accounts for your Robots

You must add the login credentials under which your Robot runs. If you have multiple Robots, perform this procedure for all of them. This procedure applies to both local and domain users. From the CyberArk® PVWA interface, follow these steps:

  1. In the Accounts tab, click Add Acccount. The Add Account page is displayed.
  1. Select the safe you previously created in the Store in Safe drop-down list.
  2. Select Operating System in the Device Type list.
  3. In the Platform Name list:
    a. select Windows Desktop Local Accounts if the Robot user is local.
    b. select Windows Domain Account if the Robot user is part of an Active Directory.
  4. In the Address field:
    a. type the name of the machine on which the Robot is installed if you are using local users.
    b. type the name of the domain in which the Robot machine in installed on.
  5. Fill in the Username field with the name of the user under which the Robot runs.
  6. In the Password and Confirm Password fields type the password that belongs to the user under which the Robot runs.
  7. Under Name, select Custom and type the machine or domain name, and the Robot username, using the following convention:
    a. for local users - machineName-username, such as E47LTUF- documentation;
    b. for domain users - domainName-username, such as deskover-documentation.
  8. Click Save. The account is saved. This is used by Orchestrator to retrieve the Robot credentials when it needs to if you also have the Robot provisioned in Orchestrator.

Retrieving the Vault Credentials

After performing the steps above, you have to provision the Robot in Orchestrator. As you are now using CyberArk® to store your passwords, please note that in the Provision Robot window, you no longer have to add the password. However, the user is still mandatory.

When provisioning the Robot in Orchestrator, add the username as you normally would:

  • for local users - the actual username, such as Documentation;
  • for domain users - the username and domain it runs under, in the DOMAIN\username format, such as uipath\administrator.

Based on the user provided for the Robot, Orchestrator searches for a match in CyberArk®. When a match is found, the corresponding password is retrieved.



When making changes to the password in Cyberark Application Password Provider, please keep in mind that it might take a few minutes for it to be propagated in Orchestrator due to AIM's cache system.

Updated 3 years ago

Storing Robot Credentials in CyberArk

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.