orchestrator

2022.10

false

Getting started
- Introduction
- User Options
- Logging in to Orchestrator
- Resetting Your Password
- My Profile
- Robots
  - Robot Statuses
  - Robot Settings
- Auto Updating Client Components
- Orchestrator Configuration Checklist
Best practices
- Organization Modeling in Orchestrator
- Managing Large Deployments
- Automation Best Practices
- Optimizing Unattended Infrastructure Using Machine Templates
- Organizing Resources With Tags
- Orchestrator Read-only Replica
Tenant
- About the Tenant Context
- Searching for Resources in a Tenant
- Robots
- Folders
- Monitoring
- Managing Access and Automation Capabilities
- Machines
- Packages
- Audit
- Credential Stores
- Webhooks
  - Types of Events
  - Managing Webhooks
- Licensing
  - Managing Your Licenses
- Alerts
- Settings
Resource Catalog Service
- About Resource Catalog Service
Folders Context
- About the Folders Context
- Home
Automations
- About Automations
Processes
- About Processes
- Managing Processes
- Managing Package Requirements
- About Recording
Jobs
- About Jobs
- Managing Jobs
- Job States
- Working with long-running workflows
- Running Personal Remote Automations
- Troubleshooting Jobs
Triggers
- About Triggers
- Managing Triggers
- Using Cron Expressions
Logs
- About Logs
- Managing Logs in Orchestrator
- Logging Levels
- Orchestrator Logs
Monitoring
- About Monitoring
- Machines
- Processes
- Queues
- Queues SLA
- Exporting usage data
Queues
- About Queues and Transactions
- Bulk Uploading Queue Items Using a CSV File
- Managing Queues in Orchestrator
- Managing Queues in Studio
- Managing Transactions
  - Editing Transactions
  - Field Descriptions for the Transactions .csv File
- Review Requests
Assets
- About Assets
- Managing Assets in Orchestrator
- Managing Assets in Studio
- Storing Assets in Azure Key Vault (read-only)
- Storing Assets in HashiCorp Vault (read-only)
Storage Buckets
- About Storage Buckets
  - CORS/CSP Configuration
- Managing Storage Buckets
- Moving Bucket Data Between Storage Providers
Orchestrator testing
- Test Automation
- Test Cases
  - Field Descriptions for the Test Cases Page
- Test Sets
  - Field Descriptions for the Test Sets Page
- Test Executions
  - Field Descriptions for the Test Executions Page
- Test Schedules
  - Field Descriptions for the Test Schedules Page
- Test Data Queues
Other Configurations
- Increasing the Size Limit of Package Files
- Setting up Encryption Key Per Tenant
- GZIP Compression
Integrations
- About Input and Output Arguments
  - Example of Using Input and Output Arguments
Classic Robots
- Robots
- Environments
  - Managing Environments
- Jobs
- Triggers
- Monitoring
  - Robots
- Resources
Host administration
- About the host level
- Managing system administrators
- Managing tenants
- Configuring host authentication settings
- Managing your host license
  - Allocating Licenses to Tenants
- Configuring other host settings
- Configuring system email notifications
- Audit logs for the host portal
- Maintenance Mode
Organization administration
- About organizations
- Managing organization administrators
- Managing organization settings
- Configuring organization authentication
- Configuring security options
  - Session policy
- About licensing
  - Activating your license
- Accounts and groups
  - Managing access
  - Managing accounts and groups
- Authorizing external applications
  - Managing external OAuth applications
- Overriding system email settings
- Audit logs
Troubleshooting
- About Troubleshooting
- Alerts troubleshooting
- General troubleshooting
- Upgrade troubleshooting
- Frequently Encountered Orchestrator Errors

Orchestrator user guide

DELIVERY:

Last updated Jul 1, 2025

Private Key Certificates

When configuring SAML 2.0 authentication, it is necessary to specify certain claims for the certificate provided by the identity provider. This is a step-by-step procedure on how to configure your Orchestrator instance to use a private key SAML certificate. The procedure begins with importing the certificate into the Windows Local Machine certificate store using Microsoft Management Console, and continues with the actual configuration steps required in Orchestrator/Identity Server.

Importing a Certificate in Windows

Go to Control Panel > Manage Computer Certificates. The console is displayed.
In the Console Root window's left pane, expand the Trusted Root Certification Authorities folder and then select Certificates.
Select Certificates and then select All Tasks > Import. The Certificate Import Wizard is displayed.
Make sure that Local Machine is selected in the Store Location section. Select Next.
Select Browse and select the certificate to upload.
Repeat this process for the Console Root / Personal folder.

Setting Orchestrator/Identity Server to Use the Certificate

Once the upload is complete, the certificate should be displayed in the console.
Select it. The Certificate dialog box is displayed.
On the Details tab, scroll through the list of fields and select Thumbprint.
Copy the hexadecimal characters from the box.
Remove the spaces between the characters. For example, the thumbprint "a9 09 50 2d d8 2a e4 14 33 e6 f8 38 86 b0 0d 42 77 a3 2a 7b" should be specified as "a909502dd82ae41433e6f83886b00d4277a32a7b" in Identity Server's Saml2 settings within External Providers page.

Note: When copied from the box on the Certificate window, the thumbprint contains several special characters that are only visible in ANSI encoding. Make sure to delete those using a suitable application such as Notepad++.

The following serves as an example of getting a thumbprint ready for Identity Server's Saml2 settings within External Providers page.
Log in to the host Management portal as a system administrator.
Select Security.

Note: If you are still using the old Admin experience, go to Users instead of Security.
Select Configure under SAML SSO:

The SAML SSO configuration page opens.
Under the Signing Certificate section, set the following:
- Store name - select My
- Store location - select LocalMachine
- Thumbprint - enter the thumbprint value you've previously prepared.
Select Save at the bottom to save you changes and close the panel.
Restart the IIS server.

On this page

Private Key Certificates
Importing a Certificate in Windows
Setting Orchestrator/Identity Server to Use the Certificate

Was this page helpful?

PREVIOUSSelf-signed Certificates

NEXTConfiguring SSO: Google

Support and Services

Get The Help You Need

Learning RPA - Automation Courses

UiPath Community Forum

Trust and Security

© 2005-2025 UiPath. All rights reserved.