Bot Agent authentication methods

The Bot Agent is a local client-side component of IBM RPA installed as a Windows service. Its primary responsibility is to manage the activities and settings of the host computer by communicating with the IBM RPA server.

Windows privileges

The Bot Agent is a client-side component that runs on a computer as a Windows service, granting the Bot Agent the privileges of the active Windows Local System user logged in the operating system. These privileges grant the Bot Agent the ability to do administrative tasks that are needed for provisioning the bots.

API Authentication

The Bot Agent connects to IBM Robotic Process Automation server by using a secure HTTPS over TLS 1.2 connection to get server resources. The Bot Agent can also keep a connection alive with the server to get events. For more information, see Real-time communication.

The Bot Agent authenticates with the IBM RPA server by using a unique client certificate that the IBM RPA server issues for each registered computer in the IBM RPA Control Center environment. You need to install this certificate on the computers where the IBM RPA is installed. The certificate contains information about the IBM RPA Control Center environment from which it was issued and the computer, following the X.509 model. The following image shows the Bot Agent authentication request to the IBM RPA's API.

Bot Agent API authentication

HTTPS data in transit protocol

All traffic data between the client's computer and the IBM RPA server uses the HTTPS over TLS 1.2 protocol as a layer of protection. The HTTPS protocol encrypts the data that moves between the computer and the IBM RPA's API and protects them from malicious users.