This sounds good, but I’m not sure I got it right.
So the robotA is provisioned with UsernameA, PasswordA.
The thing is that this UsernameA and PasswordA will only entitle you to certain rights - specific to the process A, let’s say. They don’t even have a log screen for SAP, all the needed rights to perform the process are inherited from the UsernameA.
Now, Orchestrator will need to create sessions with specific users for each process (B, C, D… Z)
Reading the assets means that you already logged in with the UsernameA, how do you switch to the UsernameB dynamically?
There are some nasty workarounds for SSO - like creating more robots by provisioning the same machine with different Usernames and Passwords (this is possible in 2016.2). The disadvantage is that you will end up with a huge number of virtual robots (cartesian product of number of processes x number of users) - managing this is not straightforward.
Another way we thought about is to create a loader process and change the robot credentials through API, based on the process. Still not optimal and not very easy to implement.