Website with MFA does not login when Unattended

jwalbrun · February 28, 2023, 1:45pm

I have a website I am logging into. I have authenticated my local machine and the robot’s machine. If I am running the process locally or watching it run unattended on the bot’s machine, the login is successful. However, if I do not open the session to watch the unattended process, the website will go to the authentication screen after logging in rather than into the website.

Why does the website require MFA if the process is running unattended on the VM but does not if I log into the VM and watch the process run?

Is there an activity or some other method I should be using to login to this site?

I am using the same credentials to log in.

scott_zielinski · March 15, 2023, 7:08pm

This is likely a security feature. It very well may know that the input is coming in as “headless”, i.e., a bot. I think there’s a different Windows run level when its running unattended. Something related to how you’re logged in. When viewing, you logged in. When unattended, the bot is running at a system (or application) level, whereas when you’re watching, its running at a user level. This appears to a site as a different configuration, thus it prompts for 2FA.

Not sure how your multi is configured, but, you may have to automate this as well.

I.E. if it sends an email, you may need an email Activity to wait for that email - scrape the code, then write it into the 2FA prompt.

ignasi.peiris · March 15, 2023, 7:14pm

As @scott_zielinski suggested, indeed when you’re logging to the machine to “see” it running, the process is actually running Attended, since you made the connection, and not unattended, being the bot who made the connection.

What you can try is the following:

To make sure that the robot is performing a clean login to the machine, and not inheriting an old session:

1- Make sure you Sign out from the machine, important to sign out, not closing the VM or disconnecting:

2- Navigate to your Orchestrator, find your Robot settings, and let them be as follows:

Disclaimer: Check both options (Login to console Activated, but set to “NO”, and also check setting it to “YES”, seen bots that require a different one based on machine config.

Login To Console is the setting in charge of defining the type of login that the bot will do when running unattended.

Hope it helps!

scott_zielinski · March 15, 2023, 7:16pm

Yes! I had forgotten about Login to Console.

Most Active Users - Yesterday
Anil_G
fernando_zuluaga
selinsecmen
arjunshenoy
Snowman
Suresh_Reddy
jackie.yue
More details...