UiPath Identity Server URL: "You do not have permission to view this directory or page"

Help Marketplace
1

I installed Uipath Orchestrator from Azure Market I notice that the Identity Server URL gives the following error when it accessed

image
image789×282 33.9 KB

I think this is because of the IIS (webserver runs on the Microsoft .NET platform on the Windows OS) logic flow

  • The request will hit wwwroot and is looking for web.config which is a file that is read by IIS and the ASP.NET Core Module to configure an app hosted with IIS
  • Since no web.config is in wwwroot we will get the message “You do not have permission to view this directory or page” when accessing the URL, which is given in the absence of we.config file where windows authentication and authorization requirements are specified.
    image
    image915×785 63.7 KB

However https://andranecula-identity.azurewebsites.net/identity WORKED

image

So as a workaround solution, I created a web.config file inside wwwroot that redirected the calls /identity which fixed the problem.

Which indeed fixed the issue, calling direct URL https://andranecula-identity.azurewebsites.net WORKED, but I ran out into another issue

If you hit on the Management/Settings
image

For now, I removed the solution created web.config file:

https://andranecula-identity.azurewebsites.net direct link gives me “You do not have permission to view this directory or page” but if you put /identity Works :open_mouth:

My question is the following:

Why UiPath Identity Server URL gives a “You do not have permission to view this directory or page” message when assessed?

How can be fixed?

Thanks,
Andra

1 Like
2

Hey @Andra_Necula

Is this a cloud version of UiPath?

Thanks
#nK

3

Yes, you can set up the entire UiPath Orchestrator deployment from Azure Cloud Market

image
image797×760 24.6 KB

I followed the official documentation:
Azure Marketplace Deployment (uipath.com)

I wonder how looks on-prem…

1 Like
4

Yep it’s quite different for on prem.

5

I see that if I want to contact support I need to get a UiPath licence

UiPath Azure cloud – Market solution deploys for you:

  • the Orchestrator
  • the Azure Identity Server
  • the WebHook
  • the SQL server

The Operator URL works like a charm, and the hole site actually

But the Server Identity, not only that the code from wwwroot is in the file Web, but is different that the structure of the Orchestrator (for Orchestrator the code is directly in wwwroot)

image
image913×393 102 KB

I tried different things:

  • move the code in wwwroot → failed
  • create in wwwroot a web.config to redirect to /identity, which works but on the platform I get other components failing :smiley:

I feel that either the solution is buggy, either the documentation is missing something

1 Like
6

Okay got it. Will check on prem configuration and see if something helps.

So you are using community version?

7

I did not install the Uipath Studio yet.

I did not add yet a license to Orchestrator either ( that’s why for now I can not contact support)

1 Like
8

The steps are:

  1. Go in Azure Portal, and select UiPath Orchestrator, click create

  2. This is the deployment created

    image
    image1137×237 32 KB

image
image1220×313 62.6 KB

image
image1351×595 73.3 KB

  1. **But Server Identity URL gives that message
    image
    image1197×294 66.9 KB

    image
    image794×281 34 KB

However, if you add /identity at the end works

image
image1392×389 33.8 KB

The expected behavior is for the Identity Server URL displayed on Azure Portal to work

1 Like
9

Hey @Andra_Necula

Got it now clearly.

But the identity server in UiPath works with the same orchestrator URL followed by /identity

That’s how it is right. And it will be deployed as an other server module which is fine.

Thanks
#nK

10

I got your point, but I think my issue was not understood. That was not my complaint. I am aware that each module is separated.

In Azure, the Identity Server has NOT the same URL as the Orchestrator.

And my complaint all along was that the Server Identity URL provided by the Azure Deployment does not work.

As I already specified via screenshots to be clear, if you look over the pictures you will notice that each module has its own URL

Identity URL

image

Orchestrator URL

image

See are 2 different URL.

Now the Identity URL provided in Azure Portal if I click on it gives me

image
image794×286 34.1 KB

But if I add /identity works

The problem is that each URL provided in Azure Portal should work

1 Like
11

Hey @Andra_Necula

Okay make sense.

Will try to explore on it. Will be useful if we know the answer to it.

Thanks
#nK

1 Like
12

But the identity server in UiPath works with the same orchestrator URL followed by /identity
That’s how it is right. And it will be deployed as another server module which is fine.

On Azure indeed each module is separated, which is also described in the UiPth official documentation.

If I go on Azure Platform and click on each operator I see that Orchestrator and Identity have URL used to access the UiPath platform

Orchestrator URL https://andranecula.azurewebsites.net → click on it WORKS

Identity URL https://andranecula-identity.azurewebsites.net → click on it you get “You do not have permission to view this directory or page” — which in IIS is the default behavior since is looking for web.config file which is not there

The expected result is that each URL displayed on Azure Cloud Platform regarding UiPath to work and redirect you to the UiPath Orchestrator/ Identity

As a customer I am not happy to see URLs that do not work, why do you display them?

See the URLs are different, all you have to do is to go on Azure Portal click on URLs and boths suppose to work

image
image1407×273 43.3 KB

image
image1806×228 46.3 KB

1 Like
13

:sunglasses: maybe is an issue with them, the Azure support will not help since the Azure Market services are supported by the publisher.

I will create a support ticket with UiPath once I will put my hands on a license :smiley:

In your case the Identity and Orchestrator have the same link?

1 Like
14

Yes @Andra_Necula I gonna check that.

Will keep you posted.

1 Like
15

Thanks, If I find something I will update here too

1 Like
16

Summary: I installed UiPath Orchestrator [check this article for installation guide]

Issue: identity server URL displayed on Azure Portal did not redirect to Identity Hub

image
image1197×294 66.9 KB

Instead we got a permission denied message

image
image794×281 34 KB

However if we added /identity to the URL, we could interact with the platform

image
image1380×384 19.4 KB

Note

You might think that’s a permission issue, well it is and it is not.

And I will explain my point of this. Feel free to correct me if I am wrong.

By default, App Service starts your app from the root directory of your app code. But UiPath Identity Server web frameworks don’t start in the root directory, it starts in the Web subdirectory, identity app service comes with path mapping set-up under identity name.

So Identity Server app would be accessible at http://{URL}/identity

Quick Mitigation:

If we want to direct http://{URL} to the identity directory instead, we can edit the virtual applications and directories from Azure App Services settings, but most likely we will end break other modules, since UiPath deploys more interconnected apps.

Since I tried different methods of editing either UiPath files or Azure App Service configurations, with partial success – I mean I mitigated my issue, but created other issues in different modules :slight_smile: , I decided to create a non-invasive solution.

As I mentioned above Azure App Service logic is to start the app directly from root, but UiPath Identity is designed to start from root/Web, wanting not to change nothing on UiPath files (again), I created in root a redirecting to identity. Now each time the user will hit http://example.com it will be automatically (in under 1 second) to http://example/identity.com loading the app, and all looks ok.