Execute robot using REST APIs


I’ve been trying to setup REST APIs to execute a bot but i’m facing trouble.

As per the uipath orchestrator api guide, the first step is to get the Authorization barer token by authenticating myself using https://platform.uipath.com/api/account/authenticate API. When i try to make a post request to this, it keeps telling me that my credentials are invalid.

I have tried using swagger, uipath http request and postman but everywhere i get the same error.

Please help me out.

Hi @ahishag

See here for the updated steps on how to authenticate the API for the Cloud platform orchestrator instance:

Additionally, see here for a project that does it for you:

Main things to keep in mind:

  1. API stayed mostly the same. The only difference is in the Authenticate that previously generated bearerToken, and now generates access_token. There is also a small change in the authentication (it now requires two headers).
  2. All actions from the above guide to authenticate only need to be performed once. Afterwards, you will end up with a refresh token that is permanent and can be used to refresh your access_token.

Please also keep this in mind:

Hi loginerror,

Thank you for your reply. I tried this method but I still have a doubt at the step where we get the authorization code.

From what i understand, if we haven’t already manually logged on platform.uipath.com then the url to get auth code will not directly give me the auth code in the url address.

I want to run all of this programmatically and hence i can’t have a manual step to log in.

Can you tell me a way to generate the access token without any manual steps?

Hi @loginerror

Please tell what is the if run the also i am getting the same issue please check these attachments.


Hi @kalyanDev

Could you please contact our Cloud Technical Support here:

I am not sure what can be causing this issue :confused:

There is not much need in generating it programmatically. You only need to do it once, because after you have your refresh_token, it is permanent.
This means that you can make 1 API call to refresh your access_token and you don’t have to go back to the messy way of generating the codes :slight_smile:

Hi there,

Looks like this is something I’m trying to do with my application.

Do I understand correctly, that in order to get a new access token (aka Bearer) there’s no need to jump through all of the loops in the process and just use this call:

“grant_type”: “refresh_token”,
“client_id”: “5v7PmPJL6FOGu6RB8I1Y4adLBhIwovQN”,
“refresh_token”: “[refresh token]”


Thanks in advance

Hi @Petrunenko

Correct :slight_smile: Don’t forget to set the header type as per documentation (content-type application/json).

Thanks! I’ll give it a try later today!

1 Like