Consuming APIs with the new Cloud Orchestrator

With the rollout of the UiPath Cloud Platform, we changed how we authenticate users in Orchestrator APIs. Unfortunately, this had the unintended consequence of breaking code that people used to script Orchestrator actions in the Community Orchestrator. For more details, see this thread.

To remedy this, we are enabling back the old method of authentication (basic authentication) temporarily to unblock users while we roll out our more permanent solution.

Basic authentication will only be enabled for accounts that are migrated from the Community Orchestrator and users that already existed prior to the migration. Newly created accounts and newly created orchestrator users will not have this access.

Please note that over the next week we will be rolling out a new way to connect that will enable all accounts to use APIs on the new and migrated cloud orchestrators.
UPDATE [June 11]: The new API guide is now published and is linked at the bottom of this post.

FOR ACCOUNTS MIGRATED FROM COMMUNITY ORCHESTRATOR USING OLD USERS AND OLD CREDENTIALS

1. Use platform.uipath.com as the URL in your API call
2. Use the same username and password that you used prior to migration. Do not reset the password. If you already reset the password, continue to use the old password that you had before resetting.
3. Use the same tenant name that you used in the past

Note that API access using basic authentication will continue to work until July 15. We will publish a guide next week for how to connect to the cloud orchestrator that does not involve basic authentication (more secure). We ask you to please switch to that new method before July 15.

FOR NEW ACCOUNTS

Newly created accounts will not have API access using basic authentication. New accounts have no basic authentication usernames and passwords, unfortunately, and there is no way to create new ones for them.

_UPDATE [June 11]: This new API guide describes how to consume APIs for cloud tenants for all new and migrated accounts going forward: About OData and References

We apologize for the inconvenience this has caused. All users with existing scripts should now be unblocked. Please let us know if you encounter any further problems.

Any update?

Very soon. We are in the late stages of reviewing our How-To document for consuming APIs. Stay tuned and thanks for your patience.

The API guide has now been published here: About OData and References

I edited the main post to include this as well.

Please do review and send suggestions if there are any unclear steps. Thank you.

Thanks for posting the new API Guide!

Is there any way of handling permissions in the new Cloud API or would it be possible to make all API calls once [Authorization code] and [Code verifier] are available?

The auth code and code verifier are just the first step. There is a list of steps after that (outlined in the document referenced earlier) that will allow you to call any cloud API after that.

Yes, I have seen this and tested it successfully.

Rather, I was referring to the fact that not always the unrestricted access to all endpoints should be guaranteed. Assuming that the API is used by a (third-party) integration, you only want to give them access to 2-3 specific endpoints.
Generally, it seems to me that the authentication process is quite error-prone as it involves many copy & paste steps (e.g. from parts of the URL).

So one idea I have is to create some kind of “API user” directly in the Cloud UI with specific endpoint permissions and access key that is sufficient to authenticate. Would this be an option?

Thank you!

Yeah the authentication process is kinda difficult to automate with the NodeJS encryption and URL copying

Absolutely. Our plan is to have a cleaner API experience. This is a temporary workaround for now during the Public Preview stage.

Has anyone created an automation for the refresh that they would be willing to share?

Also @ tarekmadkour when will the permanent solution be released?

Hi @alfalfi

Welcome to our UiPath Forum!

Sure, have a look at this project:
CloudAPI_GetAccessToken.zip (12.0 KB)

It basically recreates the steps from the Cloud API guide in 4 ‘simple’ workflows:

I will rush it out, even though some functionality still needs to be added. But maybe someone here on the Forum could take care of that

You will need Chrome for it to work

Fantastic - thanks, Maciej. I put my own project together but made all the JSON calls outside UiPath as I wasn’t aware of the web.activities package which I have to thank you for introducing me to as well!

image965×736 22.2 KB

I am new to UIPath, I created my ID today using Basic Authentication(Even Reset the password)
I followed Consuming Cloud API but unable to authenticate.
The credentials are the same that I used to login and it works.

HI Utkarsh,

Welcome to our UiPath Forum.

You need to follow the steps provided in the link below to be able to authenticate and make API calls on Cloud Orchestrator.

UPDATE [June 11]: This new API guide describes how to consume APIs for cloud tenants for all new and migrated accounts going forward: https://orchestrator.uipath.com/v2019/reference#consuming-cloud-api

@Vijay_Rajasekharuni

I made an account using using Sign up with Email (used iCloud)

Now for using the following API

Annotation%202019-06-21%201258521225×439 8.84 KB

Where
tenancyName: From the Services Tab
usernameOrEmailAddress: Same with which I created the account
password: Same with which I created the account

As I get to know that it has moved to the Cloud, I followed the link: https://orchestrator.uipath.com/v2019/reference#consuming-cloud-api
Which had

1. Getting Token to Use in Your API Calls.(Works)
2. Discovering UiPath Account and Service Instance Identifiers.(Works)

Now while authenticating I use the following

POST: https://platform.uipath.com/[account_logical_name]/[ service_instance_logical_name]/api/account/authenticate
Request:
Content-Type: application/json
{
“tenancyName” : “serviceInstanceName”,
“usernameOrEmailAddress” : “XXXXXXXXX”,
“password” : “XXXXXXXXX”
}

I am getting Invalid Credentials. I use the same emailId and password to login and it works

Hi @UtkarshTrehan

One crucial thing is that you should no longer use the authenticate endpoint. You should use the method of authenticating from the Cloud API guide and then use the access_token generated from those activities to authenticate your calls.

See my post here with a sample project and sample calls you can easily make

Hi @loginerror

Thanks, This made me understand

I followed the Consuming Cloud API document but failed to get token. Btw I created a new account.

551926×1212 233 KB

Any help will be appreciated

You need to pass the information as json in the body of the message not as parameters.
In “postman”, remove the parameters you have and go to the “body” tab and paste the information there as specified in the documentation. Make sure you specify “json” as the type of the body. This should make it work.

Hi guys,

I want automate the access token request process inside a NodeJS script, but I stopped in the step that need to pass the credentials to the login page, anyone have idea how to pass the user/password by parameters or http headers? Or when we will have way to generate an API key to use direct to cloud api service? Tks a lot!