Securing access to Pega Robot Manager
Configure authentication methods based on your security policies to ensure that users and robots can access Pega Robot Manager.
Robot Manager provides a variety of predefined roles that you
can assign to new users. These roles define a set of permissions for users to perform
specific types of tasks.
For example, the Robot Manager administrator, Developer, and User admin roles can access the Robot Manager portal directly through a browser window, to manage robots, other users, modify robot configuration files, view reports, adjust auto-balancing, schedule robots, and so on.
Another important user role in Robot Manager is Runtime user. Typically, administrators grant the Runtime user role to robot operators that assist case workers (for example, call center agents), or perform unattended background activities. To operate properly, robot operators must access Robot Manager indirectly through a service connection to retrieve automation packages and configuration file updates.
Depending on your security policy and implementation of your robotic solution (unattended or attended), you can authenticate various user roles through basic or single sign-on (SSO) methods.
Basic authentication
This is a simple authentication method in which users send their IDs and passwords to Pega Platform for validation against the credentials that are stored in the Pega database. This is the default method for authenticating both attended and unattended user access to Robot Manager.
When adding users through Robot Manager, an email address is the user identifier for basic authentication.
Single sign-on (SSO)
This method offers the best user experience by allowing users to securely authenticate with multiple applications (and websites) by logging in once, or with just one set of credentials. You can enable SSO for Robot Manager users through OAuth SAML 2.0 or Kerberos.
When adding users through Robot Manager, user principal name (UPN) is the user identifier for SSO.
Learn more about each authentication mechanism for Robot Manager users by reading one of the following articles:
- Understanding basic authentication for Pega Robot Manager users
Basic authentication works by prompting the user for a user name and password, which Pega Platform validates against the credentials that are stored in the Pega database. In this method, the authentication information is retrieved from the server with just one call, which makes that method faster than other, more complex authentication mechanisms.
- Understanding single sign-on authentication for Pega Robot Manager users
Use single sign-on (SSO) to access all your applications and switch between them without any additional actions.
- Specifying the default authentication method for new Pega Robot Manager users
Comply with your security requirements by selecting the authentication method that Pega Robot Manager assigns to a user role by default.
Previous topic Performing a Pega Robot Manager version update Next topic Learning about the supported authentication mechanisms for Pega Robotic Automation components