CI/CD integrations user guide

Last updated May 19, 2026

Analyzing a project

Prerequisites:

Create a project.
Run the CLI exe (for Windows Legacy) or dll (for Windows/Linux/macOS) file.
Add the required Orchestrator API access application scopes.

To analyze a project, take the following steps:

Run the package task, using uipcli package. You can notice a list of the available sub-tasks.
Specify the required parameters and run the analyze sub-task. The following table describes the required parameters.

Note:

Project validation runs as part of the analyze task and cannot be skipped. Validation messages are surfaced alongside Workflow Analyzer messages in the analyzer output.

Legend: (*) - Optional, recommended when using additional package feeds.

Parameter	Description
`Project(s) Path (pos. 0)` ( Required )	The path to the `project.json` file, or the path to the folder that contains multiple `project.json` files.
`--analyzerTraceLevel`	Choose what types of messages to output after analyzing: Off = don't show any message Error - Warning - Info - Verbose .
`-stopOnRuleViolation`	The job fails when any rule is violated.
`--treatWarningsAsErrors`	Treat warnings as errors.
`--resultPath`	The full path to a JSON file where you want to store the results. If you don't add this as an argument, then the results will print only in the standard console.
`--governanceFilePath`	Pass governance policies containing the Workflow Analyzer rules. Policies can be downloaded from , or extracted from the exported compressed zip file from Studio . Note: The task fails if you specify to use a policy but the policy file is not in the mentioned path.
`--ignoredRules`	A list of rules that you want to ignore during the analysis, separated by commas.
`-u` , `--orchestratorUsername` () ( Required* if you use Basic Authentication , through a username and a password)	The username used for authenticating to Orchestrator. You must pair it with the corresponding password.
`-p` , `--orchestratorPassword` () ( Required* if you use Basic Authentication , through a username and a password)	The password used for authenticating to Orchestrator. You must pair it with the corresponding username.
`-t` , `-orchestratorAuthToken` () ( Required* if you use token-based authentication )	The OAuth2 refresh token used for authenticating to Orchestrator. You must pair it with the Account Name and Client ID .
`-a` , `--orchestratorAccountName` () ( Required* if you use token-based authentication )	The Orchestrator CloudRPA account name. You must pair it with the OAuth2 refresh token and Client ID .
`-A` , `--orchestratorAccountForApp` (*)	The Orchestrator CloudRPA account name(organization name). You must pair it with the Application ID , Application Secret , and Application scope for external application.
`-I` , `--orchestratorApplicationId` () ( Required* if you use external application authentication )	The external Application ID. You must pair it with the Application Account, Application Secret , and Application scope** .
`-S` , `--orchestratorApplicationSecret` () ( Required* if you use external application authentication )	The external Application Secret. You must pair it with the Application Account , Application ID , and Application scope .
`--orchestratorApplicationScope` () ( Optional* for external application authentication )	The list of application scopes, separated by single spaces. Optional when using external application authentication as default scopes are automatically applied. You must pair it with the Application Account , Application ID , and Application Secret for external application.
`--orchestratorFolder` (*)	The name of the target Orchestrator folder. To input subfolders make sure to input both the parent folder name and the name of the subfolder. For instance, use `AccountingTeam\TeamJohn` .
`--orchestratorUrl` (*)	The URL of the Orchestrator instance.
`--orchestratorTenant` (*)	The tenant of the Orchestrator instance.
`-l` , `--language`	The orchestrator language.
`--traceLevel`	Display the trace of the events.
`--identityUrl`	The URL of your identity server. Required when the Orchestrator runs on UiPath Automation Suite or standalone Orchestrator (on-premises MSI). Not needed for Automation Cloud — the CLI resolves the identity server from the cloud URL.
`--nugetConfigFilePath`	Path to the NuGet.Config file containing feeds. The `<clear />` tag from the specified file will be ignored and only sources will be taken into consideration.
`--disableBuiltInNugetFeeds`	Disable built-in nuget feeds.
`--excludeConfiguredSources`	Excludes the built-in feeds and the NuGet sources configured at the user and machine level on the host running the CLI. The CLI resolves packages only from the feeds defined in `--nugetConfigFilePath`. See Managing NuGet feeds.
`--ca-cert`	One or more trusted root CA certificate files (PEM, DER, or PKCS#7) used when validating the Orchestrator and Identity Server TLS certificates. Repeat the flag or comma-separate multiple paths. See Trusting custom certificates for details.
`--pinnedpubkey`	Pin the server leaf certificate's public key. Format: `sha256//<base64>`. Checked in addition to standard certificate validation. See Trusting custom certificates for details.

Tip:

For Orchestrator instances signed by a private Certificate Authority (such as UiPath Automation Suite), this command also accepts --ca-cert and --pinnedpubkey parameters. See Trusting custom certificates for scenarios and examples.

Note: Default Application Scopes

When using external application authentication without specifying the --orchestratorApplicationScope parameter, the CLI automatically applies these default Orchestrator scopes:

OR.Assets OR.BackgroundTasks OR.Execution OR.Folders OR.Robots.Read OR.Machines.Read OR.Jobs OR.TestSets OR.TestSetExecutions OR.Monitoring OR.Settings.Read

Usage:

uipcli package analyze <project_path> [--analyzerTraceLevel <analyzer_trace_level>] [--stopOnRuleViolation] [--treatWarningsAsErrors] [--resultPath <result_path>] [--governanceFilePath <governance_file_path>] [--ignoredRules <rule_id_1,rule_id_2>] [--orchestratorUrl <orchestrator_url> --orchestratorTenant <orchestrator_tenant>] [-u <orchestrator_user> -p <orchestrator_pass>] [-t <auth_token> -a <account_name>] [-A <organization_name> -I <application_id> -S <application_secret> --orchestratorApplicationScope <application_scope>] [--orchestratorFolder <folder_name>] [-l <language>] [--traceLevel <None|Critical|Error|Warning|Information|Verbose>] [--identityUrl <identityUrl>] [--disableBuiltInNugetFeeds] [--excludeConfiguredSources]
uipcli package analyze <project_path> [--analyzerTraceLevel <analyzer_trace_level>] [--stopOnRuleViolation] [--treatWarningsAsErrors] [--resultPath <result_path>] [--governanceFilePath <governance_file_path>] [--ignoredRules <rule_id_1,rule_id_2>] [--orchestratorUrl <orchestrator_url> --orchestratorTenant <orchestrator_tenant>] [-u <orchestrator_user> -p <orchestrator_pass>] [-t <auth_token> -a <account_name>] [-A <organization_name> -I <application_id> -S <application_secret> --orchestratorApplicationScope <application_scope>] [--orchestratorFolder <folder_name>] [-l <language>] [--traceLevel <None|Critical|Error|Warning|Information|Verbose>] [--identityUrl <identityUrl>] [--disableBuiltInNugetFeeds] [--excludeConfiguredSources]

Minimal command examples:

uipcli package analyze "C:\userprofile\AutomationProject\project.json" --traceLevel Information --resultPath "C:\userprofile\result.json"
uipcli package analyze "C:\userprofile\AutomationProject\project.json" --traceLevel Information --resultPath "C:\userprofile\result.json" --orchestratorUrl "https://orch-23-10-paas.cloudapp.azure.com/" --orchestratorTenant "TenantName" -u "orchestratorUsername" -p "********" --orchestratorFolder "FolderName"
uipcli package analyze "C:\userprofile\AutomationProject\project.json" --traceLevel Information --resultPath "C:\userprofile\result.json" --orchestratorUrl "https://orch-23-10-paas.cloudapp.azure.com/" --orchestratorTenant "TenantName" -A "organizationName" -I "76000552-3e4f-4590-9317-cdb420001f1d" -S '********' --orchestratorApplicationScope "OR.Folders OR.BackgroundTasks OR.TestSets OR.TestSetExecutions OR.TestSetSchedules OR.Settings.Read OR.Robots.Read OR.Machines.Read OR.Execution OR.Assets OR.Users.Read OR.Jobs OR.Monitoring" --orchestratorFolder "FolderName" --identityUrl "https://orch-23-10-paas.cloudapp.azure.com/identity"
uipcli package analyze "C:\userprofile\AutomationProject\project.json" --traceLevel Information --resultPath "C:\userprofile\result.json" --orchestratorUrl "https://automation-suite.base.url.com/" --orchestratorTenant "TenantName" -A "organizationName" -I "3f6239b9-e0e8-465e-a429-d9ffd1d9e57a" -S '********' --orchestratorApplicationScope "OR.Folders OR.BackgroundTasks OR.TestSets OR.TestSetExecutions OR.TestSetSchedules OR.Settings.Read OR.Robots.Read OR.Machines.Read OR.Execution OR.Assets OR.Users.Read OR.Jobs OR.Monitoring" --orchestratorFolder "FolderName"
uipcli package analyze "C:\userprofile\AutomationProject\project.json" --traceLevel Information --resultPath "C:\userprofile\result.json" --orchestratorUrl "https://cloud.uipath.com/" --orchestratorTenant "TenantName" -A "organizationName" -I "becc663c-8f1e-409a-a75f-c00330d80bc8" -S '********' --orchestratorApplicationScope "OR.Folders OR.BackgroundTasks OR.TestSets OR.TestSetExecutions OR.TestSetSchedules OR.Settings.Read OR.Robots.Read OR.Machines.Read OR.Execution OR.Assets OR.Users.Read OR.Jobs OR.Monitoring" --orchestratorFolder "FolderName"

Was this page helpful?

PREVIOUSSigning project packages

NEXTDeploying a package to Orchestrator