Unable to authenticate orchestrator through Restful API

I am using cloud orchestrator.as per 2019 orchestrator guide, I am trying to authenticate orchestrator through restful API by giving below request. But i am getting some response. But I am not sure where I should I look for the token in response.I kept the response below. Give me suggestion if i did anything wrong and advice me the steps to get the token.

URL used: UiPath Orchestrator

Method :post

Headers: Content-Type and user-Agent
Value : application/json

Body raw:

“UsernameOrEmailAddress”: “stalin.ramadoss@takeda.com”,
“tenancyName” : “TakedaDefault”,
“Password”: “********”


Swagger UI
<script src='lib/object-assign-pollyfill-js' type='text/javascript'></script>
<script src='lib/jquery-1-8-0-min-js' type='text/javascript'></script>
<script src='lib/jquery-slideto-min-js' type='text/javascript'></script>
<script src='lib/jquery-wiggle-min-js' type='text/javascript'></script>
<script src='lib/jquery-ba-bbq-min-js' type='text/javascript'></script>
<script src='lib/handlebars-4-0-5-js' type='text/javascript'></script>
<script src='lib/lodash-min-js' type='text/javascript'></script>
<script src='lib/backbone-min-js' type='text/javascript'></script>
<script src='swagger-ui-min-js' type='text/javascript'></script>
<script src='lib/highlight-9-1-0-pack-js' type='text/javascript'></script>
<script src='lib/highlight-9-1-0-pack_extended-js' type='text/javascript'></script>
<script src='lib/jsoneditor-min-js' type='text/javascript'></script>
<script src='lib/marked-js' type='text/javascript'></script>
<script src='lib/swagger-oauth-js' type='text/javascript'></script>

<!-- Some basic translations -->
<!-- <script src='lang/translator.js' type='text/javascript'></script> -->
<!-- <script src='lang/ru.js' type='text/javascript'></script> -->
<!-- <script src='lang/en.js' type='text/javascript'></script> -->

<script type="text/javascript">
	$(function () {

  // Get Swashbuckle config into JavaScript
  function arrayFrom(configString) {
    return (configString !== "") ? configString.split('|') : [];

  function stringOrNullFrom(configString) {
    return (configString !== "null") ? configString : null;

  window.swashbuckleConfig = {
    rootUrl: 'https://platform.uipath.com/takedwgabamq/TakedaDefault:443',
    discoveryPaths: arrayFrom('swagger/docs/V2'),
    booleanValues: arrayFrom('true|false'),
    validatorUrl: stringOrNullFrom(''),
    customScripts: arrayFrom('ext/UiPath-Orchestrator-Web-Api-Scripts-Swagger-Custom-js'),
    docExpansion: 'none',
    supportedSubmitMethods: arrayFrom('get|put|post|delete|options|head|patch'),
    oAuth2Enabled: ('false' == 'true'),
    oAuth2ClientId: '',
    oAuth2ClientSecret: '',
    oAuth2Realm: '',
    oAuth2AppName: '',
    oAuth2ScopeSeperator: ' ',
    oAuth2AdditionalQueryStringParams: JSON.parse('{}'),
    apiKeyName: 'api_key',
    apiKeyIn: 'query'

    highlightSizeThreshold: 5000

  // Pre load translate...
  if(window.SwaggerTranslator) {
  window.swaggerUi = new SwaggerUi({
    url: swashbuckleConfig.rootUrl + "/" + swashbuckleConfig.discoveryPaths[0],
    dom_id: "swagger-ui-container",
    booleanValues: swashbuckleConfig.booleanValues,
    supportedSubmitMethods: swashbuckleConfig.supportedSubmitMethods,
    onComplete: function(swaggerApi, swaggerUi){
      if (typeof initOAuth == "function" && swashbuckleConfig.oAuth2Enabled) {
          clientId: swashbuckleConfig.oAuth2ClientId,
          clientSecret: swashbuckleConfig.oAuth2ClientSecret,
          realm: swashbuckleConfig.oAuth2Realm,
          appName: swashbuckleConfig.oAuth2AppName,
          scopeSeparator: swashbuckleConfig.oAuth2ScopeSeperator,
          additionalQueryStringParams: swashbuckleConfig.oAuth2AdditionalQueryStringParams

      if(window.SwaggerTranslator) {


      window.swaggerApi = swaggerApi;
      _.each(swashbuckleConfig.customScripts, function (script) {
    onFailure: function(data) {
      log("Unable to Load SwaggerUI");
    docExpansion: swashbuckleConfig.docExpansion,
    jsonEditor: false,
    apisSorter: null, // default to server
    defaultModelRendering: 'schema',
    showRequestHeaders: false,
    oauth2RedirectUrl: window.location.href.replace('index', 'o2c-html').split('#')[0]

  if (window.swashbuckleConfig.validatorUrl !== '')
    window.swaggerUi.options.validatorUrl = window.swashbuckleConfig.validatorUrl;

  function addApiKeyAuthorization() {
    var key = $('#input_apiKey')[0].value;
    if (key && key.trim() != "") {
      if (swashbuckleConfig.apiKeyIn === "query") {
          key = encodeURIComponent(key);
      var apiKeyAuth = new SwaggerClient.ApiKeyAuthorization(swashbuckleConfig.apiKeyName, key, swashbuckleConfig.apiKeyIn);
      window.swaggerUi.api.clientAuthorizations.add("api_key", apiKeyAuth);
      log("added key " + key);


  function log() {
    if ('console' in window) {
      console.log.apply(console, arguments);


<div id="message-bar" class="swagger-ui-wrap" data-sw-translate>&nbsp;</div>
<div id="swagger-ui-container" class="swagger-ui-wrap"></div>

Make sure you followed all the steps in the topic below @Stalin_R


@HareeshMR has the best guide that is available to date. Note that there are 12 separate pieces of information that you must have to make this process work. You will start the process with three of them:

and generate/discover the other 9 through the steps described.

If you follow Hareesh’s guide very, very carefully, you will get it to work. Note that he shows a final step that is absolutely required (Generating the API Access Token) that IS NOT mentioned in the official documentation.

I have spent most of the last week understanding how Authentication of the REST API all works, and have a diagram and blog post that covers this in great detail that will be posted somewhere (Do not know where yet) this week. I finished the first draft of the posting on Saturday, and will write on it Monday. I will also have a nodejs tool that creates the 9 pieces of information required (in addition to the starting 3) automatically, and shows how to make REST API calls that automatically refresh the Access Token, and the API Access Token when they expire (24 hours after generated).

If you are open to using a CLI interface to make all of this work, I can give you the nodejs tool I have built (Still in development and testing). All you need is node v10.16.3, chrome, my code, and your initial three pieces of information.

– M

1 Like


Thank you :slight_smile:

If possible, can you share the code with me so that I can test from my side? I have node 8.1.3 version which I have installed a year or two ago. Does the version also affects the performance?


You testing it out would be awesome! Are you Mac or WIndows? I have only tested on Mac, and need to make sure my configuration for the path to Chrome.exe works on Windows, but Node is pretty good about being cross OS compatible.

Node v8.1.3 is pretty old. I am not using anything too wild or new (No experimental features), but I do use await / async heavily, and use a number of npm packages, so I am not sure it runs under v8.1.3. I’d strongly recommend upgrading to the last stable version of node (10.16.3).

Let me test on my Windows 10 box today, and then I will give you a Zip of the entire directory with some simple instructions on setup, and config, and how the tool works.

I’m working on windows machine :slight_smile: . Yeah, no problem with node. Only thing is version compatibility it seems. I will try with this lower version, if it doesn’t work or if I don’t find any packages in this version, I will install the latest one. Waiting for the file to test :slight_smile: