I have deployed Orchestrator v2022.4 on Azure.
I can login to the host tenant, but can’t log in to the Default tenant or the newly created tenant.
Invalid credentials (#MTI_7) is displayed on login error.
I think the password is correct because I can get the information with the API.
If anyone knows the cause, please let me know.
Is the tenant name correct then?
Yes, the tenant name is correct.
Also, when I try to create a new tenant and log in, I get the same error.
Can you make your host login once and show tenants page pls
We have an on-prem installation, so this may not be helpfull. But we have just deployed v2022.4 on-prem. We faced a similar problem, where we were able to log-in to the Host, and perform operations on it. But we were unable to log-in to any of our tenants. We recieved 2 different error messages.
- invalid credentials
- Unauthorized
Apparently the config for Identity-server was pointing to an invalid certificate. The identity-server is responsible for authentication Tokens.
We just had to change the value of the SigningCredentialSettings\StoreLocation\Name
to match the valid certificate.
config is found here: {InstallationPath}\UiPath\Orchestrator\Identity\appsettings.Production.json
hi @miito_0320
Once you deploy the Orchestrator , it will be expose you to create , HOST tenant password and Default tenant password
Make sure that u are used both same or do u have any separate
Tenants page is below.
I tried to create another tenant for testing, but I can’t log in as well.
Also, I found that I can connect by removing the access restriction of Azure AppService.
If I add the permission setting of the connection source IP address, I will not be able to log in other than the host tenant.
I searched for the file appsettings.Production.json, but couldn’t find it.
I will look for a file with similar settings.
I tried changing each password, but the problem was not resolved…
I understand the cause. The AppService of the Orchestrator only allowed access to the global IP of the client, but it also needed to allow the global IP of IdentityServer.
I must also allow the global IP of Orchestrator to IdentityServer.
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.