UiPath Documentation
orchestrator
2022.10
false
  • Getting started
    • Introduction
    • User Options
    • Logging in to Orchestrator
    • Resetting Your Password
    • My Profile
    • Robots
      • Robot Statuses
      • Robot Settings
    • Auto Updating Client Components
    • Orchestrator Configuration Checklist
  • Best practices
    • Organization Modeling in Orchestrator
    • Managing Large Deployments
    • Automation Best Practices
    • Optimizing Unattended Infrastructure Using Machine Templates
    • Organizing Resources With Tags
    • Orchestrator Read-only Replica
  • Tenant
    • About the Tenant Context
    • Searching for Resources in a Tenant
    • Robots
      • Managing Robots
      • Connecting Robots to Orchestrator
      • Storing Robot Credentials in CyberArk
      • Storing Unattended Robot Passwords in Azure Key Vault (read-only)
      • Storing Unattended Robot Credentials in HashiCorp Vault (read-only)
      • Deleting Disconnected and Unresponsive Unattended Sessions
      • Robot Authentication
      • Robot Authentication With Client Credentials
      • SmartCard Authentication
    • Folders
      • Managing Folders
      • Classic Folders Vs Modern Folders
      • Migrating From Classic to Modern Folders
      • Administration of Modern Folders
      • Personal Workspaces
      • Managing Personal Workspaces
    • Monitoring
      • Unattended Sessions
      • User Sessions
      • License
    • Managing Access and Automation Capabilities
      • Assigning Roles
      • Managing Roles
      • Default Roles
      • FAQ
      • Enabling Users to Run Personal Automations
      • Enabling Users to Run Automations on Unattended Infrastructure Via Unattended Robots
      • Configuring Robot Accounts to Run Unattended Automations
    • Machines
      • Managing Machines
      • Assigning Machine Objects to Folders
      • Configuring Account-machine Mappings
      • EDR Protection Status
    • Packages
      • Managing Packages
      • About Libraries
      • Managing Libraries
    • Audit
    • Credential Stores
      • Managing Credential Stores
      • CyberArk® Integration
      • CyberArk® CCP Integration
      • Azure Key Vault Integration
      • HashiCorp Vault Integration
      • BeyondTrust Integration
      • Thycotic Secret Server Integration
    • Webhooks
      • Types of Events
      • Managing Webhooks
    • Licensing
      • Managing Your Licenses
    • Alerts
      • Configuring User Alerts
      • Alert Emails
      • Setting up Alert Emails
    • Settings
      • Deployment Tab
      • Robot Security Tab
      • Scalability Tab
  • Resource Catalog Service
    • About Resource Catalog Service
  • Folders Context
    • About the Folders Context
    • Home
  • Automations
    • About Automations
  • Processes
    • About Processes
    • Managing Processes
    • Managing Package Requirements
    • About Recording
  • Jobs
    • About Jobs
    • Managing Jobs
    • Job States
    • Working with long-running workflows
    • Running Personal Remote Automations
    • Troubleshooting Jobs
  • Triggers
    • About Triggers
    • Managing Triggers
    • Using Cron Expressions
  • Logs
    • About Logs
    • Managing Logs in Orchestrator
    • Logging Levels
    • Orchestrator Logs
  • Monitoring
    • About Monitoring
    • Machines
    • Processes
    • Queues
    • Queues SLA
    • Exporting usage data
  • Queues
    • About Queues and Transactions
      • Queue Item Statuses
      • Business Exception Vs Application Exception
      • Studio Activities Used With Queues
    • Bulk Uploading Queue Items Using a CSV File
    • Managing Queues in Orchestrator
    • Managing Queues in Studio
    • Managing Transactions
      • Editing Transactions
      • Field Descriptions for the Transactions .csv File
    • Review Requests
  • Assets
    • About Assets
    • Managing Assets in Orchestrator
    • Managing Assets in Studio
    • Storing Assets in Azure Key Vault (read-only)
    • Storing Assets in HashiCorp Vault (read-only)
  • Storage Buckets
    • About Storage Buckets
      • CORS/CSP Configuration
    • Managing Storage Buckets
    • Moving Bucket Data Between Storage Providers
  • Orchestrator testing
    • Test Automation
    • Test Cases
      • Field Descriptions for the Test Cases Page
    • Test Sets
      • Field Descriptions for the Test Sets Page
    • Test Executions
      • Field Descriptions for the Test Executions Page
    • Test Schedules
      • Field Descriptions for the Test Schedules Page
    • Test Data Queues
      • Managing Test Data Queues in Orchestrator
      • Managing Test Data Queues in Studio
      • Field Descriptions for the Test Data Queues Page
      • Test Data Queue Activities
  • Other Configurations
    • Increasing the Size Limit of Package Files
    • Setting up Encryption Key Per Tenant
    • GZIP Compression
  • Integrations
    • About Input and Output Arguments
      • Example of Using Input and Output Arguments
  • Classic Robots
    • Robots
      • Managing Robots
      • Robot Statuses
      • Setup Samples
    • Environments
      • Managing Environments
    • Jobs
    • Triggers
    • Monitoring
      • Robots
    • Resources
  • Host administration
    • About the host level
    • Managing system administrators
    • Managing tenants
    • Configuring host authentication settings
      • Reconfiguring authentication after upgrade
      • Allowing or restricting basic authentication
      • Configuring SSO: SAML 2.0
        • ADFS Authentication
        • Google Authentication
        • Okta Authentication
        • PingOne Authentication
        • Custom Mapping
        • Self-signed Certificates
        • Private Key Certificates
      • Configuring SSO: Google
      • Configuring SSO: Azure Active Directory
      • Configuring the Active Directory Integration
        • Switching between Active Directory adapters
    • Managing your host license
      • Allocating Licenses to Tenants
    • Configuring other host settings
      • Customizing the Login page
      • Session Policy
      • Orchestrator Host Settings
    • Configuring system email notifications
    • Audit logs for the host portal
    • Maintenance Mode
  • Organization administration
    • About organizations
    • Managing organization administrators
    • Managing organization settings
    • Configuring organization authentication
      • Allowing or restricting basic authentication
      • Setting up the Azure AD integration
      • Configuring the SAML integration
    • Configuring security options
      • Session policy
    • About licensing
      • Activating your license
    • Accounts and groups
      • Managing access
      • Managing accounts and groups
    • Authorizing external applications
      • Managing external OAuth applications
    • Overriding system email settings
    • Audit logs
  • Troubleshooting
    • About Troubleshooting
    • Alerts troubleshooting
    • General troubleshooting
    • Upgrade troubleshooting
    • Frequently Encountered Orchestrator Errors
UiPath logo, featuring letters U and I in white
OUT OF SUPPORT

Orchestrator user guide

Last updated Dec 16, 2025

Managing system administrators

System administrators, also known as host administrators, have the required privileges to configure all host-level settings, which apply for all your organizations and tenants.

First system administrator

After completing the installation, the admin user account is automatically provisioned which has system administrator privileges.

Where can I get the credentials?

The user name for the first system administrator account is always admin, and the password is the one you set during installation. For details refer to the installation docs: Windows installer - wizard (UI) | Windows installer - command line (CLI) | Azure - script.

You can use this account to log in to the host portal. If needed, with this account you can create additional system administrator accounts.

Adding a system administrator

When adding system administrators, you can create a local account for them, or add a directory account.

  1. Log in to the Management portal with a system administrator account.

    The Management portal opens.

  2. Select the Users tab from the menu on the left.
  3. Select Add User in the top right of the page.

    The Add User panel opens from the right of the window.

    • If the new account will use their username and password (basic authentication) to log in, fill in the password for the account. The system administrator may be required to reset their password on first login, depending on your security settings.
    • If the new account will log in with Google or Microsoft Entra ID, you must fill in the email and it should match the one tied to their account in the external provider.
    • For a new log in via SAML, the fields will match the selected SAML user mapping. If the user mapping is set to by user email, then the email must be filled in. If the user mapping is set to by username, then the username must match the username in the SAML identity provider.
    • For a new log in via Windows Authentication (Active Directory), the username must be of the form user@domain - for example, john.doe@uipath.
  4. Fill in the fields with the details for the new system administrator account.

    You are required to define the password for the account. The system administrator may be required to reset their password on first login, depending on your security settings.

  5. Select Save to create the account and close the panel.

    The new account is now displayed in the users list.

    An email notification is sent to the provided email address if host-level SMTP settings have been configured. Depending on your security settings, the new system administrator may be required to confirm their email address.

  6. Provide the username (or email address) and password you provided for the account to the new system administrator so that they can log in.

Editing account details

As a system administrators, you can change the details of another system administrator account, including the account password.

To edit account details of an existing system administrator account:

  1. Log in to the host portal with a system administrator account. The host portal opens.
  2. Select Users. The Users page opens displaying the list of system administrators.
  3. Select the Edit icon at the right end of the account row. The Edit User panel opens from the right of the window.
  4. Edit the information as needed.
  5. Select Save to apply your changes and close the panel.

Deleting system administrator accounts

As a system administrator, you can delete system administrator accounts to prohibit a user from accessing the host portals.

Note: You cannot delete your own account. You also cannot delete the last system administrator account. This is to prevent getting locked out of the host portals.

To remove a system administrator account:

  1. Log in to the host portal with a system administrator account. The host portal opens.
  2. Select Users. The Users page opens displaying the list of system administrators.
  3. Select the Delete icon at the right end of the account row.
  4. In the confirmation dialog, select Delete to confirm the action.

The account is removed from the users list and can no longer log in to the host portal.

Was this page helpful?

Connect

Need help? Support

Want to learn? UiPath Academy

Have questions? UiPath Forum

Stay updated