Unable to get authentication token while connecting to orchestrator via powershell

I am writing powershell script to create a tenant in orchestrator. In order to do that I am trying to fetch authentication token using below script, but it does not seem to work.

$authToken = Get-UiPathAuthToken -URL $orchestratorURL -Password $hostPassword -Username “admin” -TenantName “default”

I am getting below mentioned error.

Note :: I am trying to connect to orchestrator hosted on azure with muti-tenancy enabled.

@Pablito , @Remus_Rusanu Please let me know if you guys have any idea on this…

Get-UiPathAuthToken [-URL] -Password -Username -TenantName

It could be parameter value related issue.
instead of using variables - pls try to input all values directly and check again.

To create a new tenant you have to connect to the “Host” tenant:

Get-UiPathAuthToken ... -Username “admin” -TenantName “Host”

@Remus_Rusanu I am able to connect now in different powershell session. Actually if in same powershell script I am loging in to my azure account and fetching username and password from the key-vault, then assigning them to variables and then trying to connect to orchestrator it gives above error.

I am not much into powershell so please let me know if doing this is correct or not as in my scenario I need to fetch orchestrator credentials from azure key vault.

For sake of understanding the scenario below is stripped down version of the actual script that is trying to access azure key vault first then connecting to uipath orchestrator.

$ErrorActionPreference = “Stop”

sign in

Write-Host “Logging in…”;

Login-AzureRmAccount;

Connect-AzAccount

accept subsciptionID

if($subscriptionId -eq ‘’) {
$subscriptionId = Read-Host -Prompt ‘Please enter your subscription ID’
}

select subscription

Write-Host “Selecting subscription ‘$subscriptionId’”;
Select-AzSubscription -SubscriptionID $subscriptionId;

accept vaultName, secret name

if($vaultName -eq ‘’) {
$vaultName = Read-Host -Prompt ‘Please enter key-vault name’
}
if($secretNameHost -eq ‘’) {
$secretNameHost = Read-Host -Prompt ‘Please enter secret name used to fetch the password that connects to orchestrator.’
}

Fetch secrets from keyvault (host admin password)

$hostPassword = (Get-AzKeyVaultSecret -vaultName “$vaultName” -name “$secretNameHost”).SecretValueText

if($secretNameAdmin -eq ‘’) {
$secretNameAdmin = Read-Host -Prompt ‘Please enter key-vault name’
}

Fetch secrets from keyvault (admin password)

$adminPassword = (Get-AzKeyVaultSecret -vaultName “$vaultName” -name “$secretNameAdmin”).SecretValueText

logout from azure

Disconnect-AzAccount

accept orchestrator URL, TenantName, AdminName, AdminPassword, AdminEmail

if($orchestratorURL -eq ‘’) {
$orchestratorURL = Read-Host -Prompt ‘Please enter orchestrator URL where tenant needs to be created’
}
if($tenantName -eq ‘’) {
$tenantName = Read-Host -Prompt ‘Please enter unique Tenant name for orchestrator’
}
if($adminName -eq ‘’) {
$adminName = Read-Host -Prompt ‘Please enter admin name for your tenant.’
}
if($adminEmail -eq ‘’) {
$adminEmail = Read-Host -Prompt ‘Please enter admin email address’
}

Write-Host “$orchestratorURL”

connect to orchestrator and save the token for current session

$suthToken = Get-UiPathAuthToken -URL $orchestratorURL -Password $hostPassword -Username “admin” -TenantName “Host”

fetch all tenants

Get-UiPathTenant -AuthToken $authToken | ForEach-Object{
if($_.Name -eq $tenantName){
throw “Tenant with name ‘$tenantName’ already exists in orchestrator.”
}
}

create new tenant

if($adminSurname -eq ‘’){
Add-UiPathTenant -AdminEmailAddress $adminEmail -AdminName $adminName -Name $tenantName -AdminPassword $adminPassword -AuthToken $authToken
}
else{
Add-UiPathTenant -AdminEmailAddress $adminEmail -AdminName $adminName -AdminSurname $adminSurname -Name $tenantName -AdminPassword $adminPassword -AuthToken $authToken
}

Note :: I have not included parameters section in the above script.

Typically the problem occurs because another library loads a conflicting module into the PoSh process. The usual suspect is Newtonsoft.Json.dll, and and old version is loaded by the old Azure Automation library (see Add Support for Newtonsoft.Json.dll v10 or higher – Customer Feedback for ACE Community Tooling). Switching to the modern Az module solves the problem (see Introducing the Azure Az PowerShell module | Microsoft Docs)

@Remus_Rusanu Already switched to Az module. In my scripts as well you would be able to see command “Connect-AzAccount” used for loging in.

Even then I am facing this issue. Please suggest what else could be done to have this scenario work.

You could run this command, in a PowerShell session where the Orchestrator cmdlets are not working:

[System.AppDomain]::CurrentDomain.GetAssemblies()  | Select FullName

In a good system, it would show an entry like this:

...
Newtonsoft.Json, Version=12.0.0.0, Culture=neutral, PublicKeyToken=30ad4fe6b2a6aeed
...

If it shows a different version, it means there is another auto-load module (or a cmdlet you have in your profile, or a cmdlet that you run before…) that loaded an old version.

This sort of issues is difficult to diagnose remotely. Even if you find out that is not Newtonsoft.Json, it could be another assembly that has a similar problem.

I am able to see 2 versions for “Newtonsft.Json” , version=10.0.0 as well as version=12.0.0 :frowning:

Looks like the same as Error when running from VS Code Powershell Extension integrated console · Issue #94 · UiPath/orchestrator-powershell · GitHub
Please Update-Module uipath.powershell, make sure you run version 19.10.0.13

2 Likes

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.