IBM RPA Control Center user authentication

IBM Robotic Process Automation as a Service offering uses OAuth2 Bearer Token for authentication. For new users to have access to your organization's environment in IBM RPA Control Center, you need to register them in the environment. To get access to a new environment, an IBM RPA Control Center Platform Administrator needs to create a new environment for you and register you as the first administrator user

In the IBM RPA on premises offering, you can choose between OAuth2 Bearer Token or Single Sign-On (SSO) authentication. The former is the default option. You configure the appropriate method during installation. For more information, see SSO.

🛈 Exception: You can't mix these two modes of authentication together.

For new users to have access to your organization's environment in your on premises IBM RPA Control Center, you need to register them in the environment. To get access to a new environment, a user with Platform Administrator and Tenant Administrator roles in the first environment needs to create a new environment and register a user to it. You define the first environment during the IBM RPA server installation. For more information about the first environment, see IBM RPA Control Center environments.

First login policy

For the first login, tenant administrators can opt for a Local identity provider, or a custom identity provider.

For a Local identity provider, the user get an email with a link to access the IBM RPA Control Center, and proceed to change their password. For a custom identity provider, in on premises environments only, the user receive an email with a link to access the IBM RPA Control Center, and proceed to login through SSO. Tenant administrators can change user's identity provider.

Login attempt policy

Users can fail to log in a maximum of five times before the security system blocks the user account. To unblock the user, the environment administrator needs to reset the user's password.

Password complexity policy

IBM Robotic Process Automation enforces the following rules for user passwords in the IBM RPA Control Center's environments:

  • The password must be at least 10 characters long.
  • The password must have at least one digit.
  • The password must have at least one lowercase character.
  • The password must have at least one uppercase character.
  • The password must have at least one nonalphanumeric character.