Credentials in UiPath Orchestrator

Hello All,

I wanted to understand about the encryption and decryption process in UiPath Orchestrator Assets. There seems to be no place where we can define the Key for encryption when we add Credentials. I have gone through the following URL https://docs.uipath.com/orchestrator/docs/about-assets but there doesn’t seem to be much information other than AES 256 algorithm.

Can anybody please guide me to the right documentation or explain the internal encryption process.

Thanks in advance.

Regards,
Anish

2 Likes

Hi @anish_shenoy,

As per my knowledge there no need to encrypt assets by user uipath is internally taking care of this.

Regards,
Omkar P

1 Like

Thank you Omkar, I understand that. But we need to define this to the security compliance on where the key is being stored for encryption and decryption. Is it in the database that the UiPath is storing the key to encrypt to decrypt or in the application layer?

Regards,
Anish

1 Like

1 Like

hi @anish_shenoy
All assets of the Assets list stored as clear text in Database [dbo].[AssetValues] Table excluding credentials

In Credentials
User name - Stored as Clear text
Password - Encrypted

Refer the Orchestrator Table Tha’s stored like

Its Encrepted and stored on DB developer(studio) can be get the Credential using Using the Get Credential Activity invoking
But not received password as clear text to view

As i know you cannot get the decryption key thats manage by orchestrator / DB

and additionaly Refer the below link to understand the AES 256 algorithm

1 Like

I am referring to something like this. This screenshot is from Blue Prism where we have control over the encryption key for credentials. I cant find this in UiPath.

Regards,
Anish

1 Like

@anish_shenoy
As i know There are no option like that

@loginerror FYA

Hi @anish_shenoy ,

Maybe my answer will come too late, but I was searching the same info as you, and I think I have found it : The key used for credentials encryption is stored in the orchestrator’s config files.

If you have an old Orchestrator, you may find it in the web.config file at the root of your installation, in the section secureAppSettings. (more info here:
https://docs.uipath.com/orchestrator/v2017.1/docs/encoding-your-encryptionkey )

Concerning recent installations, the encryption key has been moved to UiPath.Orchestrator.dll.config file, section SecureAppSettings. (More info : https://docs.uipath.com/installation-and-upgrade/docs/uipath-orchestrator-dll-config#secureappsettings )

This means that you can check / modify your encryption Key only if you have access to the machine hosting the orchestrator, thus it will be working only for on-premise orchestrator.
If you are using a cloud orchestrator, the key is not accessible to you.

Hope it helps, and happy new year :blush:

1 Like