Security ( Credentials )

Agent and Asset Credentials

Openbots agent credentials are stored in the server under the Credentials tab. To create a new credential, we need to mention Domain ( machine name ), Name, Provider, Username, and password by clicking on the “ Add Credential” button under the Credentials tab in the Openbots server.

On the Server side, the credentials are stored in an SQL database using the same encryption used to store ASP.Net users. The algorithm used to protect the password on the server end is PBKDF2 with HMAC-SHA256 encryption.

To store the agent credentials on the user’s machine password is encrypted in the registry using the protected data protect method of C# programming with the machine’s MAC address as additional entropy.

The “Name” field should contain any random value that uniquely identifies the credential entry, the provider is selected as Active Directory, Domain is the machine name, user and password will be the one that bot would use to create a session on the machine and perform bot processing. The same user and password would be used in agent configuration while setting up the Openbots Agent on a machine.

Once the necessary information is entered, there will be a new entry created in the “All Credentials” tab on the Openbots server. We can view and edit the credential information anytime with an admin privilege. We can delete the credential using the same window.

The credentials are stored using a hashing algorithm, so a secret password is kept encrypted when stored on the Openbots server.

In the same way, we can create credentials to be used as an asset within an Openbots studio project. We can mention the network domain, username, and password which can be imported in any Openbots project using Get-Credential activity.