Best Practices

  • The API User Account doesn’t need the User role as indicated in our basic setup instructions. It is recommended to pursue a least privilege model.

  • Ensure that your API account has View access to the secrets you intend to integrate with. You can then lock down that API account with a custom role that has the following permissions. This has been verified and tested against the 20.x release of Orchestrator/Studio/Robot.

  • If you intend to use a Secret for multiple purposes, such as incorporating password changes in addition to workflow features and it will also be leveraged by a Robot, be sure that the integration matches based on SecretID. Focus on Secret Server specific use cases related to the account first and then integrate with UiPath afterward. Since it is retrieving the password based on SecretID, other fields can be set to your requirements. It is important to note that the integration does not currently work with the Checkout feature.