Securing access to Pega Robot Manager
Configure authentication methods based on your security policies to ensure that users and robots can access Pega Robot Manager.
Robot Manager provides a variety of predefined roles that you can assign to new users. These roles define a set of permissions for users to perform specific types of tasks.
For example, the Robot Manager administrator role, Developer role, and User admin role can access the Robot Manager portal directly through a browser window. These roles can then manage robots, manage other users, modify robot configuration files, view reports, adjust auto-balancing, schedule robots, and so on.
In Robot Manager, the Runtime user role is also important. As a robotic service administrator, you typically grant the Runtime user role to robot operator accounts which either assist case workers (for example, call center agents), or perform unattended background activities. To operate correctly, robot Operator IDs must access Robot Manager indirectly through a service connection to retrieve automation packages and configuration file updates.
Depending on your security policy and the implementation of your robotic solution (unattended or attended), you can authenticate various user roles through either basic or single sign-on (SSO) methods.
Basic authentication
This is a simple authentication method in which users send their IDs and passwords to Pega Platform for validation against the credentials that are stored in the Pega database. This is the default method for authenticating both attended and unattended user access to Robot Manager.
When adding users through Robot Manager, an email address is the user identifier for basic authentication.
Single sign-on (SSO)
This method offers the best user experience by allowing users to securely authenticate with multiple applications (and websites) by logging in once, or with just one set of credentials. You can enable SSO for Robot Manager users through either OAuth SAML 2.0 or Kerberos.
When adding users through Robot Manager, a given User Principal Name (UPN) is the user identifier for SSO.
Learn more about each authentication mechanism for Robot Manager users by reading one of the following articles:
- Understanding basic authentication for Pega Robot Manager users
Basic authentication works by prompting the user for a user name and password, which Pega Platform validates against the credentials that are stored in the Pega database. In this method, the authentication information is retrieved from the server with just one call, which makes this method faster than other, more complex authentication mechanisms.
- Understanding single sign-on authentication for Pega Robot Manager users
Use single sign-on (SSO) to access all your applications and to be able switch between applications without any additional actions.
- Specifying the default authentication method for new Pega Robot Manager users
Comply with your security requirements by selecting the authentication method that Pega Robot Manager assigns to a user role by default.
Previous topic Completing post-update tasks Next topic Learning about the supported authentication mechanisms for Pega Robotic Automation components