Azure AD integration (SSO) with Automation Cloud


We are planning Azure Active Directory integration with UiPath Automation Cloud, and Azure App registration is required for Azure AD integration. We need some clarity on the points below:

• SSO integration mechanism and flow with UiPath SAAS cloud orchestrator.
• We need to understand the workflow of Azure App registration with UiPath SAAS cloud orchestrator.
• Can this App registration be done using Certificate instead of Client Secret?
• If a certificate is fine for App registration, who will provide the certificate: will it be UiPath themselves, or do we have to generate it?
• If we need to arrange the certificate, what should the specification of the certificate be? And how should the certificate be issued: via a CA (Certification Authority), DigiCert, or self-generated?

Thanks in advance.

  1. The SSO integration mechanism between Azure Active Directory and UiPath SAAS cloud orchestrator uses the OAuth 2.0 protocol. The flow involves redirecting the user to Azure AD for authentication, and then exchanging an authorization code for an access token, which can be used to access UiPath SAAS cloud orchestrator resources.
  2. The workflow of Azure App registration with UiPath SAAS cloud orchestrator involves creating a new application in Azure AD and configuring it to work with UiPath SAAS cloud orchestrator. You will need to provide information such as the redirect URI and the API permissions required by UiPath SAAS cloud orchestrator.
  3. Yes, it is possible to do Azure App registration using a certificate instead of a client secret, but this is a more advanced setup and requires additional configuration.
  4. If you choose to use a certificate, you will need to arrange and provide the certificate yourself. It can be generated via a certification authority such as DigiCert, or self-generated.
  5. The specification of the certificate depends on the requirements of Azure AD and UiPath SAAS cloud orchestrator. You will need to consult the documentation for each platform to determine the required specifications. Generally, the certificate should be a valid X.509 certificate in PEM format, and it should be signed by a trusted certificate authority.
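
For the self-generated option discussed above, the following is an added example (not part of the original thread and not UiPath's or Microsoft's own tooling) that creates a certificate with OpenSSL and checks it before the public half is uploaded to the app registration. The subject name, RSA 2048-bit key, lifetime and file names are assumptions; confirm the actual requirements in the Azure AD and UiPath documentation.

```shell
#!/bin/sh
# Added example: self-generate an X.509 certificate for an Azure AD app
# registration and sanity-check it. All names and sizes are assumptions.
set -eu

# make_app_cert DIR [DAYS]
# Writes DIR/app.key (private key, keep secret) and DIR/app.pem (public cert).
make_app_cert() {
  (
    umask 077   # private key readable by its owner only
    openssl req -x509 -newkey rsa:2048 -sha256 -nodes \
      -days "${2:-365}" -subj "/CN=uipath-aad-integration-example" \
      -keyout "$1/app.key" -out "$1/app.pem" 2>/dev/null
  )
}

# cert_thumbprint CERT
# Prints the SHA-1 fingerprint as 40 hex characters, the form the Azure portal
# lists as "Thumbprint" next to an uploaded certificate.
cert_thumbprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha1 | cut -d= -f2 | tr -d ':'
}

# cert_matches_key CERT KEY
# Succeeds only if the certificate's public key belongs to the private key,
# which catches mixing up files from different generation runs.
cert_matches_key() {
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey | openssl sha256)
  key_pub=$(openssl pkey -in "$2" -pubout | openssl sha256)
  [ "$cert_pub" = "$key_pub" ]
}

# cert_valid_for CERT SECONDS
# Succeeds if the certificate will still be valid SECONDS from now, so an
# expiring credential is noticed before sign-in breaks.
cert_valid_for() {
  openssl x509 -in "$1" -noout -checkend "$2" >/dev/null
}

# Usage (run by hand):
#   mkdir -p ./aad-cert && make_app_cert ./aad-cert 365
#   cert_matches_key ./aad-cert/app.pem ./aad-cert/app.key && cert_thumbprint ./aad-cert/app.pem
```

Only `app.pem` (the public certificate) is uploaded to the app registration; `app.key` stays with whichever party has to present the credential.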