Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Authorizing data collectors using OAuth

Updated on August 15, 2022

Beginning with Workforce Intelligence 8.5 and Pega Robot Runtime 19.1.63, you can secure Robot Runtime routes, or the API endpoints with which Robot Runtime interacts, using OAuth tokens. For each data collector (user with Robot Runtime installed), a client ID and client secret combination securely authorizes the API endpoints.

Requesting Robot Runtime OAuth credentials

  1. Log in to My Support Portal.
  2. On the My Support Portal home page, click New request > For something I need.
  3. On the Create tab, enter the request information:
    1. In the Request type field, select Other.
    2. In the Type field, select Workforce intelligence.
    3. In the Short description field, enter Requesting Robot Runtime OAuth credentials.
    4. In the Primary application field, enter Workforce Intelligence.

    5. In the Deployment field, select Pega Cloud.

    6. In the Environment field, enter Other.

    7. In the Other URL field, enter the URL of your Workforce Intelligence instance (for example, 

  4. Click Continue.
  5. On the Details tab, in the Describe what you need assistance with field, enter Provide client ID/secret to enable Robot Runtime authorization.

  6. Click Continue.

  7. On the Communication preferences tab, review the contact information, and then make any necessary changes or additions.
  8. Click Finish.

Result: The Workforce Intelligence Service Delivery Team creates an internal ticket with the Pega Workforce Intelligence Cloud team and schedules a meeting to provide you with the Robot Runtime OAuth credentials.

Enabling Runtime authorization (OAuth) for data collectors

After the Workforce Intelligence Service Delivery Team provides the OAuth credentials, complete these steps to enable Robot Runtime OAuth for data collectors. 

  1. In the CommonConfig.xml file, add a wfiOauthEnabled attribute to the Intelligence Server section, and enter true as the value.

    <Server name="Intelligence" baseURL="" enabled="true" proxyAddress="" wfiOauthEnabled="true"/>
Note: The purpose of this example is to show the wfiOauthEnabled attribute. Your Intelligence Server section might include other attributes, based on your configuration.
  1. On local Runtime machines, store the credentials that you received from the Workforce Intelligence Service Delivery Team by using SCCM (System Center Configuration Manager) or a similar console: 
    1. Change the folder location and navigate to C:\Program Files (x86)\Pegasystems\Pega Robot Runtime.
    2. Run the Pega.WFICredentialsLoader.exe file.
    3. Send the credentials to the Pega.WFICredentialsLoader.exe file through standard input, using the following examples as a guide. These examples use the pipe character (|), which allows the credentials to be sent to Pega.WFICredentialsLoader.exe. The pipe character is available on your keyboard.
    • Send the credentials without referencing a file
      echo {"wfiClientId": "runtime-client", "wfiClientSecret": "runtime-secret"} | Pega.WFICredentialsLoader.exe receiveStandardInput
    • Send the credentials using a file
      type credentials.json | Pega.WFICredentialsLoader.exe receiveStandardInput

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us