How to update UiPath Orchestrator robot password using APIs

Siva_krishna_Thumma · October 21, 2025, 8:05am

I’m trying to update a user’s password through the UiPath Orchestrator API, but I keep getting an “Unauthorized” error when attempting the update outside of UiPath Studio.

Here are the endpoints I’ve tried:

https://cloud.uipath.com/Org/Tenant/orchestrator_/odata/Users

Using this endpoint, I’m able to update the password successfully from within UiPath Studio (using API activities).
However, when I make the same API call from Postman or any external tool, I receive an “Unauthorized” error — even though the token, organization unit ID, and other details are correct.

https://cloud.uipath.com/Org/UAT/orchestrator_/odata/Sessions/UiPath.Server.Configuration.OData.GetGlobalSessions?$expand=Robot

This endpoint successfully retrieves all user and robot session details, but I can’t perform any update operations through it.

https://cloud.uipath.com/Org/UAT/orchestrator_/odata/Sessions/UiPath.Server.Configuration.OData.GetGlobalSessions?$expand=Robot(Id)

I also tried this endpoint to target a specific robot ID, but it returns a “405 Method Not Allowed” error when I attempt to update the password.

I’ve verified that:

The access token is valid.

Siva_krishna_Thumma · October 21, 2025, 9:27am

If anyone has any ideas or suggestions on this, it would be greatly appreciated!
I’ve been trying multiple API combinations but still can’t find a working way to update the user (robot) password outside UiPath Studio.

bhavesh.choubey · October 21, 2025, 10:25am

Hello @Siva_krishna_Thumma

First Get access token

POST https://cloud.uipath.com/identity_/connect/token

Body

grant_type=client_credentials client_id=YOUR_CLIENT_ID client_secret=YOUR_CLIENT_SECRET scope=OR.Users OR.Users.Write

Update user password

PATCH https://cloud.uipath.com/{org}/{tenant}/orchestrator_/odata/Users({userId})

Headers

Authorization: Bearer {access_token} X-UiPath-TenantName: {tenant} Content-Type: application/json

Body

{ “Password”: “NewPassword123!” }

And make sure it works only with a Service Account token that has “Edit Users” permission.
If you use a normal user token then you’ll get 401 Unauthorized.

rishabh.singh · October 21, 2025, 10:36am

Hey @Siva_krishna_Thumma,

This happens quite often when trying to update passwords through the Orchestrator API outside UiPath Studio.

Studio works because it uses an internal authenticated connection. When using Postman or another external tool, the request fails with 401 Unauthorized or 405 Method Not Allowed if the token or endpoint isn’t correct.

How to update a user’s password correctly

Endpoint:

PATCH https://cloud.uipath.com/{org}/{tenant}/orchestrator_/odata/Users({userId})

Headers:

Authorization: Bearer {access_token}

X-UiPath-OrganizationUnitId: {folderId} // if modern folders

Content-Type: application/json

Body (if updating your own password):

{

“OldPassword”: “CurrentPassword”,

“Password”: “NewPassword123!”

}

Body (if updating another user):

{

“Password”: “NewPassword123!”

}

Important points

The token must be from a user or external app with: OR.Users.Read and OR.Users.Write scopes.
Robot tokens won’t work for password updates.
The /Sessions endpoint is read-only, so it can’t be used to update anything (hence the 405 error).

Quick checklist

Correct token with Users - Edit permission
PATCH to /odata/Users({id})
Proper headers and folder ID
Don’t use /Sessions for updates

Example successful call:

PATCH UiPath

{

“Password”: “NewPassword@123”,

“OldPassword”: “CurrentPassword@123”

}

Hope this clears things up! Once you use the correct token and endpoint, it should work fine.

Siva_krishna_Thumma · October 21, 2025, 11:52am

Hi @bhavesh.choubey ,

Thank you for the response. I was trying the solution that you have mentioned. I’m getting the status as 200 OK but, the password is not updating in the robot account section. do you have any idea on this?

Michael.Vornes · October 21, 2025, 11:26pm

Hi
When updating a user password from Studio it works because Studio uses an internal session with elevated permissions. External calls like Postman need a token from a user with Tenant Administrator role and the correct headers (Authorization, OrganizationUnitId, Content-Type). Also, make sure you’re calling the Users endpoint with PATCH, not read-only endpoints like GetGlobalSessions.

chandresh_agarwal · October 22, 2025, 5:42am

Check if you use some other means like secret server

Anil_G · October 22, 2025, 9:31am

@Siva_krishna_Thumma

Welcome to the community

did you provide the right scope in external application?

cheers

sonaliaggarwal47 · October 22, 2025, 11:16am

@Siva_krishna_Thumma

I think you need more scopes here to be able to update password especially or.administration or.administration.write

Topic		Replies	Views
How to Reset UiPath Orchestrator Robot Password Using API? API Workflows question	4	26	December 15, 2025
API for resetting user passwords Orchestrator orchestrator , question	3	791	January 3, 2023
How to update Robot password using Orchestrator API Orchestrator orchestrator , question	2	1500	July 29, 2022
How to update the Robot Credentials using API for Modern Folders Orchestrator orchestrator , studio , question	7	1003	January 14, 2023
Orchestrator API - Update modern Unattended Robot password Orchestrator api	5	3467	March 4, 2022

How to update UiPath Orchestrator robot password using APIs

Related topics