orchestrator
2025.10
false
UiPath logo, featuring letters U and I in white

Orchestrator API guide

Last updated Oct 27, 2025

Authorizing API calls in Swagger

Accessing Swagger

To access the Orchestrator API Swagger, append /swagger/index.html to the Orchestrator URL. For example, https://{yourDomain}/swagger/index.html.

The API you see in Swagger is directly dependent on the Orchestrator instance you use. To easily make requests directly in Swagger, log in to Orchestrator in another tab.

Obtaining an access token

To authorize API calls via the Swagger UI for Orchestrator services, perform the following steps:

  1. Look for the Authorize button at the top right corner of the Orchestrator API page. If the lock is open, you are unauthorized.

    Figure 1. Authorize button

  2. Select Authorize. The Available authorizations window is displayed.

    Note: We currently support one authorization scheme called OAuth2.
    Figure 2. Available authorizations

  3. All scopes are preselected such that you can experiment with all endpoints in the Orchestrator API. Clear them if you want to restrict access to certain APIs.
  4. Select Authorize. A new window is displayed confirming you have been authorized.
  5. Once done, select Close or X to close the Available authorizations window. The Authorize button shows an closed lock meaning you are authorized.

Sending requests

While authorized, you can make requests on Orchestrator API resources as follows:

  1. Expand an Orchestrator API resource with which you want to perform an operation. The closed lock means that you’re authorized.
    Figure 3. Unauthorized API resource

  2. In the expanded method window, select Try it out.
  3. Specify parameter values if required.
  4. Select Execute. The request is executed. A bearer authorization header is automatically used for your requests.
    Figure 4. Bearer authorization header

Generating a new access token

When the access token expires you receive a 401: You are not authenticated! response. The bearer authorization header is still present for your requests, but the access token is expired. When this happens, you need to invalidate the expired token and generate a new access token:
  1. Look for the Authorize button at the top right corner of the Orchestrator API page. The lock should be closed.
    Figure 5. Authorize button

  2. Select Authorize and on the displayed Available authorizations page, select Logout to revoke the expired token.
    Figure 6. Available authorizations

  3. Close the Available authorizations window by selecting Close or X and then obtain an access token as described on the Obtaining an access token section.

Revoking access

When you're done working with the Swagger UI, you should invalidate the access token you've used:

  1. Look for the Authorize button at the top right corner of the Orchestrator API page. The lock should be closed, meaning you are authorized.
  2. Click Authorize and on the displayed Available authorizations page, click Logout.
  3. Close the Available authorizations window by clicking Close or X. The Authorize button shows an open lock meaning you are unauthorized.

Was this page helpful?

Support and Services
Get The Help You Need
UiPath Academy
Learning RPA - Automation Courses
UiPath Forum
UiPath Community Forum
Uipath Logo
Trust and Security
Terms of Use
Privacy Policy
Cookies Policy
© 2005-2025 UiPath. All rights reserved.