Get Asset: You are not authenticated! Error code: 0

Recieve an error as soon as the bot reaches the “Get Asset” activity. We should upgraded from 20.4.3 to 20.10.10 and this started happening. Is there a dependency that needs to be updated? It has always worked fine on the last version.

Error:
Get Asset: You are not authenticated! Error code: 0

Hi @PWilliams,

Please check you are connected to the orchestrator with the same folder also check it in your uipath.

If using RE Framwork please check your config file also

Plz tag for more queries. Hope this will work

1 Like

There is more detail regarding this here.

Hope this will definetly help you out.

Regards

1 Like

I had to downgrade the UiPath.System.Activities in order to resolve the issue. Interesting that I cannot upgrade the dependency to a newer version. Opened a ticket up with support.

1 Like

This is a nasty error I spent quite some time chasing yesterday and since I was also trying to migrate from classic to modern folders on a tenant I hadn’t used before it wasted alot of my time.

The error message is complete garbage. Its just a versioning issue, downgrade UiPath.System.Activties to version 20.4.0 and it will work again. Your tenant and/or Studio need to be upgraded to use the later versions.

1 Like

I did downgrade to the earlier version and it resolved my issue. However, we did upgrade Orchestrator and Studio and still couldn’t use the newer version of the UiPath.System.Activities. You would think if I was at Studio version 20.10.8 I could use UiPath.System.Activities 20.10.4.

Yup, thats why I’m so annoyed at this bug, its not even like I’m trying to use wildly different versions. I’m also having a bizarre JSON deserialization bug running processes on an unattended bot on another machine which seems to just be bad versioning. Looks like there was quite abit of a mess around these releases… :confused:

Ended up being a security certificate issue for us. Updated the certificate and it resolved our issues. Weird!

Can you be more specific? Maybe I need to do the same thing?

Our Orchestrator SSL cert was expired. We had to renew the expired cert and update our Orchestrator config file with the thumbprint from the cert.

From Support:

I Understand you are getting the error “Get Asset: You are not authenticated! Error code: 0” after an upgrade. Please find below a step by step guide on how to troubleshoot this issue.

Troubleshooting Steps:

  1. The most common cause of this issue is that the Signing certificate for the Identity Server is expired. Typically this arises when the same certificate was configured for SSL and signing. The SSL certificate is updated when it expires, but the reference the Identity Server has to the SSL certificate was never updated.
  • Open C:\Program Files (x86)\UiPath\Orchestrator\Identity\appsettings.Production.json
  • Look for the certificate thumbprint section
  • Open certlm.msc
  • Go to the personal node and check to see which certificate contains the given thumbprint
  • If the thumbprint is for an expired certificate, see the section ‘Update Signing Certificate’
  1. If the signing certificate is not expired, then there is some other configuration issue with the Identity Server and Orchestrator. By default Orchestrator will hide the specific error. This is a security measure (For more details see the section: Why the Configuration Error is Hidden). To expose the error, do the following:
  • Enable PII needs to be set for true in both the UiPath.Orchestrator.dll.config and the appsettings.production.json
  • After the two settings are enabled, recycle the Orchestrator and Identity Server application pool or from the command line execute: iisreset
    • iisreset will stop the application temporarily and will cause a few seconds of downtime
    • Recycling the app pool should not cause downtime
  • Next, reproduce the issue and then check the Orchestrator Event Viewer logs. There should be more information about the issue. If unsure what the error means, please share it with UiPath Support.

Update Signing Certificate

In most environments, the Identity Server is using the same certificate for signing tokens that is used for its and Orchestrators SSL bindings. If this is not the case, then before proceeding, make sure that the Signing certificate is installed in the Personal node for the computer account.

  1. Find the thumbprint of the Orchestrator certificate
  • In IIS go to that UiPath Orchestrator site
  • On the right side, select ‘Bindings…’
  • Select the binding and then click ‘Edit…’
  • In the menu that pops up, select ‘View…’ and the lower left of the window. This will show the certificate used to bind the port for HTTPS encryption (the SSL certificate)
  • In the Certificate window, go to the Details tab
  • Find the thumbprint information. Copy this thumbprint
  • Note: For Windows 2016 and below, the thumbprint has a breaking hidden character. Make sure to remove it. See step 5 in Setting Orchestrator/ Identity Server to Use the Certificate
  1. Before switching the certificate make sure that the Identity Server application pool has access to the private key.
  • Open certlm.msc
  • Under the Personal node, find the new the certificate with the matching thumbprint
  • Right click->All Tasks->Manage Private Keys
  • Click Add
  • Change the location to the current computer.
  • Add the user ‘IIS APPPOOL\Identity’ and give the user Full control and Read
  1. Use the thumbprint to run the Platform Configuration Tool :
  • The command to run is: C:\Program Files (x86)\UiPath\Orchestrator\Tools\UiPath.Platform.Configuration.Tool\Platform.Configuration.Tool.ps1 UpdateUiPathCertificate -NewTokenSigningThumbprint -SiteName UiPathOrchestrator
  1. Verify that the issue no longer occurs.

Why the Configuration Error is Hidden

The OpenId Connect protocol is very common and allows for applications to use third parties for authentication. For example on cloud.uipath.com the option of using Google, Microsoft or LinkedIn as the authentication source is offered. All of this is possible by using the OpenId Connect protocol.

When authenticating via a third party it is normal to disable any authentication errors by default. This is done to protect PII data (Personal Identifiable Information) which may be present in the error from being exposed.

While the Identity Server and Orchestrator do not quite represent a third party situation where PII data needs to be hidden, this functionality is still part of the underlying framework and it is hidden by default. If desired, the keys to enable the exposure of the error can remain enabled.

Please let me know if this solves the issue, I’ll be happy to help if you need further assistance!

1 Like

Thanks for sharing, looks like its the same setup here. Apparently 6 months ago someone did the upgrade and fluffed this part up.
I think its manifested in all sorts of odd bugs I’ve been trying to nail down, with this insight and a few other mistakes I have noted from that upgrade I think I can finally fix everything!!

Thanks again and hope this topic helps more people!

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.