Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Securing access to Pega Robot Manager

Updated on December 20, 2022

Configure authentication methods based on your security policies to ensure that users and robots can access Pega Robot Manager.

Robot Manager provides a variety of predefined roles that you can assign to new users. These roles define a set of permissions for users to perform specific types of tasks.

Note: In Robot Manager, user roles correspond directly to access groups in Dev Studio. Each access group can consist of multiple access roles. For more information, see Default access roles.

For example, the Robot Manager administrator role, Developer role, and User admin role can access the Robot Manager portal directly through a browser window. These roles can then manage robots, manage other users, modify robot configuration files, view reports, adjust auto-balancing, schedule robots, and so on.

In Robot Manager, the Runtime user role is also important. As a robotic service administrator, you typically grant the Runtime user role to robot operator accounts which either assist case workers (for example, call center agents), or perform unattended background activities. To operate correctly, robot Operator IDs must access Robot Manager indirectly through a service connection to retrieve automation packages and configuration file updates.

Depending on your security policy and the implementation of your robotic solution (unattended or attended), you can authenticate various user roles through either basic or single sign-on (SSO) methods.

Basic authentication

This is a simple authentication method in which users send their IDs and passwords to Pega Platform for validation against the credentials that are stored in the Pega database. This is the default method for authenticating both attended and unattended user access to Robot Manager.

When adding users through Robot Manager, an email address is the user identifier for basic authentication.

Single sign-on (SSO)

This method offers the best user experience by allowing users to securely authenticate with multiple applications (and websites) by logging in once, or with just one set of credentials. You can enable SSO for Robot Manager users through either OAuth SAML 2.0 or Kerberos.

When adding users through Robot Manager, a given User Principal Name (UPN) is the user identifier for SSO.

Learn more about each authentication mechanism for Robot Manager users by reading one of the following articles:

  • Previous topic Completing post-update tasks
  • Next topic Learning about the supported authentication mechanisms for Pega Robotic Automation components

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us