Question

2
Replies
236
Views
Michael Tan (tanm1)
PEGA
Senior System Architect
Pegasystems Inc.
JP
tanm1 Member since 2016 39 posts
PEGA
Posted: August 15, 2018
Last activity: September 6, 2018
Posted: 15 Aug 2018 21:42 EDT
Last activity: 6 Sep 2018 6:18 EDT
Closed
Solved

Pega Robotics Studio 8: password management for automations (SSO)

One of the responses to my following post was related to ASO Manager component for password management.


https://community1.pega.com/community/product-support/question/pega-robotics-studio-8-password-management-automations


My best understanding of what this component does is, it takes the credentials (user/password) which a user enters and saves it in an encrypted store so that if the user needs to access the same system again in the same run, they don't have to re-enter credentials. It does not, however, store the passwords perpetually so that the user never has to enter the password.


If this understanding is correct, it does not meet our requirement which has the user not even knowing the credentials: they run the robot which then signs on to the system on their behalf. Currently we have these credentials hardcoded in our automations, a practice we would like to stop.

One of the responses to my following post was related to ASO Manager component for password management.

https://community1.pega.com/community/product-support/question/pega-robotics-studio-8-password-management-automations

My best understanding of what this component does is, it takes the credentials (user/password) which a user enters and saves it in an encrypted store so that if the user needs to access the same system again in the same run, they don't have to re-enter credentials. It does not, however, store the passwords perpetually so that the user never has to enter the password.

If this understanding is correct, it does not meet our requirement which has the user not even knowing the credentials: they run the robot which then signs on to the system on their behalf. Currently we have these credentials hardcoded in our automations, a practice we would like to stop.

The problem is this: even if there is a credential store, any user (human or robot) has to reference that store using some sort of a key in order to identify which credentials are theirs: do we then hard code that key into the automation? If so, we are back to square one. What is really needed is some sort of a SSO method, perhaps whereby the credentials are stored inside AD alongside their windows login, so that each user piggy backs on their windows credentials to get their credentials for the system. Is there anything like this with Robotics?

Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.