Org-level Robot Account vs User Account

Previous experience with v2018 and v2020 on prem, however I’m somewhat new to Automation Cloud (v2021+). I see the option at the Org level to create a Robot account instead of a User account.

The only documentation I can find is here: About Accounts

  1. It says “they are a non-user identity to be used to run unattended processes”. When it mentions non-user, the robot accounts setup in AD are typically User accounts. I’m assuming it means actual human user?

  2. When it says “robot accounts are not allowed any interactive-related process configuration” is it talking about Attended-type interaction (like a text box or form)? Or does it mean it prevents UI interactions? I see the option for ‘Run Foreground Automations’ where it asks for credentials, so I’m assuming that would then allow all UI interactions.

So what are the advantages to setting up a Robot Account in Orchestrator instead of a User Account then simply adding the Robot permissions and disabling the ‘Attended’ option? Are there any considerations or disadvantages to setting up a Robot Account vs a User Account?

No, AD account aren’t just for humans anymore. Unattended robot uses a login for system and applications, so they should have a AD instance as per organization governance rules…

You got this right :+1:

not exactly.
Interactive capabilities means: Attended robot can have interactive login capabilities, scheduling foreground and background processes, using assistant for reminder.

Hope this helps a bit!

It’s but easy to digest the modern folder, you’ll learn while using it and if want to learn quickly, try messing around on your own too understand.

1 Like

Thanks for the reply. Question however:

No, AD account aren’t just for humans anymore. Unattended robot uses a login for system and applications, so they should have a AD instance as per organization governance rules…

I think there was a small misunderstanding with my first point. I was meaning the documentation says ‘non-user identity’, however in AD, robot accounts are typically setup as a User-type and not a MSA or gMSA since MSA-type accounts are typically prevented from interactive login in most environments. When the documentation says ‘non-user identity’, I’m assuming it’s just meaning ‘non-human’? Or is it meaning it’s expecting an MSA/gMSA account to be used?

yes, according to me unattended robot accounts should be managed service accounts.

However it depends on the infrastructure setup of an organization also. If there’s no MSA setup or group policy enabled, mostly in case of smaller firms.

Let’s see what UiPath team has to say on this…