SlideShare a Scribd company logo
1 of 18
Download to read offline
Dev Dives
Go deeper, automate smarter
2
Meet today’s team:
Cristina Vidu
Global Manager
Marketing Community
@UiPath
Anastasia Yasevych
Product
Marketing Manager
@UiPath
3
Alexandru Crijman
Product Manager
@UiPath
Meet today’s speakers:
Nisarg Kadam
UiPath MVP & AI ambassador
4
Welcome to UiPath Dev Dives!
• Get answers to your questions and challenges. Please
use the chat box for Qs during the presentation. Live
Q&A session at the end.
• You’ll receive the recording and deck after the session.
• Bonus content from our speakers (at the end of the
session): get a step-by-step guide on how to create
an Azure app with restricted SharePoint site access.
• You're encouraged to network and share your
LinkedIn/X (formerly Twitter) handles in the chat.
• Have fun! Feedback is welcome.
5
Master advanced
authentication and
performance in
Productivity Activities
UiPath Dev Dives Webinar Series
6
Agenda
1
3
Authentication Types Supported
Connection Activities with Microsoft
365 Scope and BYOA
Connection Activities with Integration
Service and BYOA
Limit the Permission Scope in
UiPath
App Registration with Sites.Selected
in UiPath
Q&A
4
5
6
2
Introduction To
Permissions
The UiPath word mark, logos, and robots are registered trademarks owned by UiPath, Inc. and its affiliates. ©2023 UiPath. All rights reserved.
Experience permissions on
Azure
8
Delegate Permissions
Delegated Permissions (Permission on Behalf
of a User):
1. Utilized in the delegated access scenario.
2. Allow applications to act on behalf of users.
3. Applications can't access anything beyond what the
user themselves could access.
4. For instance, if an application is granted the
Files.Read.All permission, it can only read files
accessible to the user.
9
Application Permissions
Application Permissions (Permission without
a User):
1. Employed in the app-only access scenario, without
a signed-in user.
2. Applications can access any data associated with
the permission.
3. For example, an application granted Files.Read.All
permission through the Microsoft Graph API can
read any file in the tenant.
4. Generally, only an administrator or API service
principal owner can consent to these permissions.
10
Delegate Access
Delegated Access (Access on Behalf of a
User):
1. User signs into a client application.
2. Client app accesses resource on behalf of the user.
3. Requires delegated permissions.
4. Both client and user need separate authorization.
5. Correct delegated permissions (scopes) required for
client app.
6. User authorization based on granted privileges
(e.g., Microsoft Entra RBAC).
11
Application Access
App-only Access (Access without a User):
1. Application acts independently with no user signed
in.
2. Used in scenarios like automation or backup.
3. App roles used instead of delegated scopes.
4. Client app must be granted appropriate application
permissions.
5. Once granted, client app can access requested
data.
12
Difference Between Permission Types
Permission Types Delegated Permissions Application Permissions
Types of Apps Web / Mobile / Single-Page App (SPA) Web / Daemon
Access Context Gains access on behalf of a user Accesses data without a user
Who Can Consent
- Users can consent for their data <br> - Admins can consent for all
users
Only admin can consent
Consent Methods
- Static: pre-configured list on app registration <br> - Dynamic:
request individual permissions at login
- Static ONLY: pre-configured list on app registration
Other Names - Scopes <br> - OAuth2 Permission Scopes - App Roles <br> - App-Only Permissions
Result of Consent OAuth2PermissionGrant AppRoleAssignment
Authorization
User's consent is typically required, with potential for admin
intervention based on permissions requested.
Administrator's authorization is often necessary, especially for
high-privilege or organization-wide access.
Scope Details
Specifies what actions or resources the application can access on
behalf of the user.
Defines the level of access and permissions granted to the
application, often categorized into app roles.
Permission Level
Typically granular, allowing for fine-tuning of access rights based on
user roles and tasks.
Often broader and more generalized, providing overarching
access to resources or functionalities.
Dynamic Access
Can dynamically request and adjust permissions based on user
interactions or scenarios.
Permissions are usually static and defined upfront during
application registration.
13
Difference Between Consent Types
Consent Types User Consent Administrator Consent
Definition Occurs when a user signs into an application.
Required when certain permissions are requested, often by high-
privilege or application-level permissions.
Initiation Triggered by a user's attempt to sign into an application.
May be initiated by the application requesting permissions or by
certain scenarios necessitating admin intervention.
Grant Process
User provides sign-in credentials, then prompted to grant permissions if not
previously granted. Admin may need to grant consent on behalf of the user.
Admin grants consent, either for themselves or the entire
organization.
Scope Specific to user's account and permissions requested by the application.
Extends to broader permissions, often organization-wide, and
encompasses high-privilege or application-level permissions.
Application Behavior
Application functionality may be restricted if user does not grant required
permissions.
Application may not function fully until administrator grants
necessary permissions.
Prompts Users see a consent prompt detailing permissions requested.
Admins prompted to provide consent for specific permissions,
especially high-privilege ones.
Requirement Essential for accessing user-specific data or resources.
Required for granting broader access, managing application
permissions, or ensuring organizational security.
Authentication
Regular authentication flow, with potential admin intervention if required
permissions demand it.
May prompt for admin consent during authentication if high-
privilege permissions are requested.
Custom Scopes
Does not typically require admin consent unless tied to high-privilege
permissions.
Custom scopes generally do not necessitate admin consent
unless classified as high-privilege permissions.
Microsoft Graph
API
The UiPath word mark, logos, and robots are registered trademarks owned by UiPath, Inc. and its affiliates. ©2023 UiPath. All rights reserved.
15
Graph API
Microsoft Graph API:
1. Provides a unified endpoint (https://graph.microsoft.com) for accessing
people-centric data and insights across Microsoft 365, Windows, and
Enterprise Mobility + Security.
2. Enables developers to build apps supporting Microsoft 365 scenarios
using REST APIs or SDKs.
3. Offers services for managing user and device identity, access,
compliance, and security.
Microsoft Graph Connectors:
1. Funnel external data sources into Microsoft Graph services and
applications, enhancing Microsoft 365 experiences like Microsoft
Search.
2. Includes connectors for popular data sources like Box, Google Drive,
Jira, and Salesforce.
Microsoft Graph Data Connect:
1. Streamlines secure and scalable delivery of Microsoft Graph data to
Azure data stores.
2. Data serves as a foundation for building intelligent applications using
Azure development tools.
16
Date/Time Topic
April 18,
9:00 AM EST
2:00 PM GMT
Streamline document processing with UiPath Studio Web
Next steps
Bonus content: download a step-by-step guide on how to create an Azure app with restricted
SharePoint site access (link in a chat)
Join the next Dev Dives sessions:
https://bit.ly/Dev_Dives_2024
Connect with Nisarg and Alexandru on LinkedIn:
- https://www.linkedin.com/in/nisargkadam/
- https://www.linkedin.com/in/alexandru-crijman/
17
Live Q&A
Thank you
for your participation!
Join us: community.uipath.com

More Related Content

Similar to Dev Dives: Master advanced authentication and performance in Productivity Activities

Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiAzure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiGirish Kalamati
 
#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...
#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...
#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...Vincent Biret
 
Jira for Agile Project Management.pptx
Jira for Agile Project Management.pptxJira for Agile Project Management.pptx
Jira for Agile Project Management.pptxAbhishek Prasoon
 
Microsoft Graph API Webinar Application Permissions
Microsoft Graph API Webinar Application PermissionsMicrosoft Graph API Webinar Application Permissions
Microsoft Graph API Webinar Application PermissionsStefan Weber
 
Oracle APEX Social Login
Oracle APEX Social LoginOracle APEX Social Login
Oracle APEX Social Loginmsewtz
 
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...Vincent Biret
 
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure ADPremier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure ADuberbaum
 
#2 connected apps_calicut_31_july
#2 connected apps_calicut_31_july#2 connected apps_calicut_31_july
#2 connected apps_calicut_31_julyJohnMathewPhilip
 
Implement Authorization in your Apps with Microsoft identity platform-June 2020
Implement Authorization in your Apps with Microsoft identity platform-June 2020Implement Authorization in your Apps with Microsoft identity platform-June 2020
Implement Authorization in your Apps with Microsoft identity platform-June 2020Microsoft 365 Developer
 
Web–Based CRM Application with Interactive Graphs
Web–Based CRM Application with Interactive GraphsWeb–Based CRM Application with Interactive Graphs
Web–Based CRM Application with Interactive GraphsMike Taylor
 
Web–based crm application with interactive graphs
Web–based crm application with interactive graphsWeb–based crm application with interactive graphs
Web–based crm application with interactive graphsMike Taylor
 
Learn more about the Connected Apps | MuleSoft Mysore Meetup #19
Learn more about the Connected Apps | MuleSoft Mysore Meetup #19Learn more about the Connected Apps | MuleSoft Mysore Meetup #19
Learn more about the Connected Apps | MuleSoft Mysore Meetup #19MysoreMuleSoftMeetup
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CJoonas Westlin
 
Azure AD for browser-based application developers
Azure AD for browser-based application developersAzure AD for browser-based application developers
Azure AD for browser-based application developersBob German
 
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)gemziebeth
 
Android Permissions DemystifiedAdrienne Porter Felt, Erika.docx
Android Permissions DemystifiedAdrienne Porter Felt, Erika.docxAndroid Permissions DemystifiedAdrienne Porter Felt, Erika.docx
Android Permissions DemystifiedAdrienne Porter Felt, Erika.docxdurantheseldine
 
Understanding Authentication and Authorization in RESTful API: A Comprehensiv...
Understanding Authentication and Authorization in RESTful API: A Comprehensiv...Understanding Authentication and Authorization in RESTful API: A Comprehensiv...
Understanding Authentication and Authorization in RESTful API: A Comprehensiv...Uncodemy
 

Similar to Dev Dives: Master advanced authentication and performance in Productivity Activities (20)

Azure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish KalamatiAzure from scratch part 2 By Girish Kalamati
Azure from scratch part 2 By Girish Kalamati
 
#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...
#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...
#SPSottawa The SharePoint Framework and The Microsoft Graph on steroids with ...
 
Jira for Agile Project Management.pptx
Jira for Agile Project Management.pptxJira for Agile Project Management.pptx
Jira for Agile Project Management.pptx
 
Microsoft Graph API Webinar Application Permissions
Microsoft Graph API Webinar Application PermissionsMicrosoft Graph API Webinar Application Permissions
Microsoft Graph API Webinar Application Permissions
 
Oracle APEX Social Login
Oracle APEX Social LoginOracle APEX Social Login
Oracle APEX Social Login
 
Android Security
Android SecurityAndroid Security
Android Security
 
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...
Granite state #spug The #microsoftGraph and #SPFx on steroids with #AzureFunc...
 
Premier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure ADPremier Webcast - Identity Management with Windows Azure AD
Premier Webcast - Identity Management with Windows Azure AD
 
#2 connected apps_calicut_31_july
#2 connected apps_calicut_31_july#2 connected apps_calicut_31_july
#2 connected apps_calicut_31_july
 
International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)International Journal of Engineering Inventions (IJEI)
International Journal of Engineering Inventions (IJEI)
 
Implement Authorization in your Apps with Microsoft identity platform-June 2020
Implement Authorization in your Apps with Microsoft identity platform-June 2020Implement Authorization in your Apps with Microsoft identity platform-June 2020
Implement Authorization in your Apps with Microsoft identity platform-June 2020
 
Web–Based CRM Application with Interactive Graphs
Web–Based CRM Application with Interactive GraphsWeb–Based CRM Application with Interactive Graphs
Web–Based CRM Application with Interactive Graphs
 
Web–based crm application with interactive graphs
Web–based crm application with interactive graphsWeb–based crm application with interactive graphs
Web–based crm application with interactive graphs
 
Learn more about the Connected Apps | MuleSoft Mysore Meetup #19
Learn more about the Connected Apps | MuleSoft Mysore Meetup #19Learn more about the Connected Apps | MuleSoft Mysore Meetup #19
Learn more about the Connected Apps | MuleSoft Mysore Meetup #19
 
Introduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2CIntroduction to Azure AD and Azure AD B2C
Introduction to Azure AD and Azure AD B2C
 
API Security with OAuth2.0.
API Security with OAuth2.0.API Security with OAuth2.0.
API Security with OAuth2.0.
 
Azure AD for browser-based application developers
Azure AD for browser-based application developersAzure AD for browser-based application developers
Azure AD for browser-based application developers
 
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
Ladies Be Architects - Study Group III: OAuth 2.0 (Ep 1)
 
Android Permissions DemystifiedAdrienne Porter Felt, Erika.docx
Android Permissions DemystifiedAdrienne Porter Felt, Erika.docxAndroid Permissions DemystifiedAdrienne Porter Felt, Erika.docx
Android Permissions DemystifiedAdrienne Porter Felt, Erika.docx
 
Understanding Authentication and Authorization in RESTful API: A Comprehensiv...
Understanding Authentication and Authorization in RESTful API: A Comprehensiv...Understanding Authentication and Authorization in RESTful API: A Comprehensiv...
Understanding Authentication and Authorization in RESTful API: A Comprehensiv...
 

More from UiPathCommunity

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneUiPathCommunity
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Test Automation with Gen AI_Final_Presentation
Test Automation with Gen AI_Final_PresentationTest Automation with Gen AI_Final_Presentation
Test Automation with Gen AI_Final_PresentationUiPathCommunity
 
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...UiPathCommunity
 
Unleashing the force of AI-powered intelligent document processing
Unleashing the force of AI-powered intelligent document processingUnleashing the force of AI-powered intelligent document processing
Unleashing the force of AI-powered intelligent document processingUiPathCommunity
 
Dev Dives: Fast-track time to value with UiPath Solution Accelerators
Dev Dives: Fast-track time to value with UiPath Solution AcceleratorsDev Dives: Fast-track time to value with UiPath Solution Accelerators
Dev Dives: Fast-track time to value with UiPath Solution AcceleratorsUiPathCommunity
 
Communauté UiPath Suisse romande - Séance de janvier 2024
Communauté UiPath Suisse romande - Séance de janvier 2024Communauté UiPath Suisse romande - Séance de janvier 2024
Communauté UiPath Suisse romande - Séance de janvier 2024UiPathCommunity
 
Dev Dives: Take your developer productivity to new heights with UiPath Autopi...
Dev Dives: Take your developer productivity to new heights with UiPath Autopi...Dev Dives: Take your developer productivity to new heights with UiPath Autopi...
Dev Dives: Take your developer productivity to new heights with UiPath Autopi...UiPathCommunity
 
UiPath Document Understanding_Day 3.pptx
UiPath Document Understanding_Day 3.pptxUiPath Document Understanding_Day 3.pptx
UiPath Document Understanding_Day 3.pptxUiPathCommunity
 
Dev Dives: Automate in full power with the latest Generative AI features in U...
Dev Dives: Automate in full power with the latest Generative AI features in U...Dev Dives: Automate in full power with the latest Generative AI features in U...
Dev Dives: Automate in full power with the latest Generative AI features in U...UiPathCommunity
 
Testautomatisierung: Heatmap für SAP und Community-Austausch
Testautomatisierung: Heatmap für SAP und Community-AustauschTestautomatisierung: Heatmap für SAP und Community-Austausch
Testautomatisierung: Heatmap für SAP und Community-AustauschUiPathCommunity
 
Dev Dives: Mastering AI-powered Document Understanding
Dev Dives: Mastering AI-powered Document UnderstandingDev Dives: Mastering AI-powered Document Understanding
Dev Dives: Mastering AI-powered Document UnderstandingUiPathCommunity
 
Africa Series 2 Session 6 - UiPath ReFramework
Africa Series 2 Session 6 - UiPath ReFrameworkAfrica Series 2 Session 6 - UiPath ReFramework
Africa Series 2 Session 6 - UiPath ReFrameworkUiPathCommunity
 
Africa Series 2 Session 7 - Introduction to UiPath APIs.pdf
Africa Series 2 Session 7 - Introduction to UiPath APIs.pdfAfrica Series 2 Session 7 - Introduction to UiPath APIs.pdf
Africa Series 2 Session 7 - Introduction to UiPath APIs.pdfUiPathCommunity
 
Africa Series 2, Session 5: UiPath Document Understanding
Africa Series 2, Session 5: UiPath Document UnderstandingAfrica Series 2, Session 5: UiPath Document Understanding
Africa Series 2, Session 5: UiPath Document UnderstandingUiPathCommunity
 
Dev Dives: Supercharge testing and RPA with coded automations
Dev Dives: Supercharge testing and RPA with coded automationsDev Dives: Supercharge testing and RPA with coded automations
Dev Dives: Supercharge testing and RPA with coded automationsUiPathCommunity
 

More from UiPathCommunity (20)

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
WomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyoneWomenInAutomation2024: AI and Automation for eveyone
WomenInAutomation2024: AI and Automation for eveyone
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
Test Automation with Gen AI_Final_Presentation
Test Automation with Gen AI_Final_PresentationTest Automation with Gen AI_Final_Presentation
Test Automation with Gen AI_Final_Presentation
 
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
Dev Dives: Leverage APIs and Gen AI to power automations for RPA and software...
 
Unleashing the force of AI-powered intelligent document processing
Unleashing the force of AI-powered intelligent document processingUnleashing the force of AI-powered intelligent document processing
Unleashing the force of AI-powered intelligent document processing
 
Dev Dives: Fast-track time to value with UiPath Solution Accelerators
Dev Dives: Fast-track time to value with UiPath Solution AcceleratorsDev Dives: Fast-track time to value with UiPath Solution Accelerators
Dev Dives: Fast-track time to value with UiPath Solution Accelerators
 
Communauté UiPath Suisse romande - Séance de janvier 2024
Communauté UiPath Suisse romande - Séance de janvier 2024Communauté UiPath Suisse romande - Séance de janvier 2024
Communauté UiPath Suisse romande - Séance de janvier 2024
 
Dev Dives: Take your developer productivity to new heights with UiPath Autopi...
Dev Dives: Take your developer productivity to new heights with UiPath Autopi...Dev Dives: Take your developer productivity to new heights with UiPath Autopi...
Dev Dives: Take your developer productivity to new heights with UiPath Autopi...
 
Azure CICD - Day1.pptx
Azure CICD - Day1.pptxAzure CICD - Day1.pptx
Azure CICD - Day1.pptx
 
DU Series - Day 4.pptx
DU Series - Day 4.pptxDU Series - Day 4.pptx
DU Series - Day 4.pptx
 
UiPath Document Understanding_Day 3.pptx
UiPath Document Understanding_Day 3.pptxUiPath Document Understanding_Day 3.pptx
UiPath Document Understanding_Day 3.pptx
 
Dev Dives: Automate in full power with the latest Generative AI features in U...
Dev Dives: Automate in full power with the latest Generative AI features in U...Dev Dives: Automate in full power with the latest Generative AI features in U...
Dev Dives: Automate in full power with the latest Generative AI features in U...
 
Testautomatisierung: Heatmap für SAP und Community-Austausch
Testautomatisierung: Heatmap für SAP und Community-AustauschTestautomatisierung: Heatmap für SAP und Community-Austausch
Testautomatisierung: Heatmap für SAP und Community-Austausch
 
Dev Dives: Mastering AI-powered Document Understanding
Dev Dives: Mastering AI-powered Document UnderstandingDev Dives: Mastering AI-powered Document Understanding
Dev Dives: Mastering AI-powered Document Understanding
 
Africa Series 2 Session 6 - UiPath ReFramework
Africa Series 2 Session 6 - UiPath ReFrameworkAfrica Series 2 Session 6 - UiPath ReFramework
Africa Series 2 Session 6 - UiPath ReFramework
 
Africa Series 2 Session 7 - Introduction to UiPath APIs.pdf
Africa Series 2 Session 7 - Introduction to UiPath APIs.pdfAfrica Series 2 Session 7 - Introduction to UiPath APIs.pdf
Africa Series 2 Session 7 - Introduction to UiPath APIs.pdf
 
Africa Series 2, Session 5: UiPath Document Understanding
Africa Series 2, Session 5: UiPath Document UnderstandingAfrica Series 2, Session 5: UiPath Document Understanding
Africa Series 2, Session 5: UiPath Document Understanding
 
Dev Dives: Supercharge testing and RPA with coded automations
Dev Dives: Supercharge testing and RPA with coded automationsDev Dives: Supercharge testing and RPA with coded automations
Dev Dives: Supercharge testing and RPA with coded automations
 

Recently uploaded

Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 

Recently uploaded (20)

Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 

Dev Dives: Master advanced authentication and performance in Productivity Activities

  • 1. Dev Dives Go deeper, automate smarter
  • 2. 2 Meet today’s team: Cristina Vidu Global Manager Marketing Community @UiPath Anastasia Yasevych Product Marketing Manager @UiPath
  • 3. 3 Alexandru Crijman Product Manager @UiPath Meet today’s speakers: Nisarg Kadam UiPath MVP & AI ambassador
  • 4. 4 Welcome to UiPath Dev Dives! • Get answers to your questions and challenges. Please use the chat box for Qs during the presentation. Live Q&A session at the end. • You’ll receive the recording and deck after the session. • Bonus content from our speakers (at the end of the session): get a step-by-step guide on how to create an Azure app with restricted SharePoint site access. • You're encouraged to network and share your LinkedIn/X (formerly Twitter) handles in the chat. • Have fun! Feedback is welcome.
  • 5. 5 Master advanced authentication and performance in Productivity Activities UiPath Dev Dives Webinar Series
  • 6. 6 Agenda 1 3 Authentication Types Supported Connection Activities with Microsoft 365 Scope and BYOA Connection Activities with Integration Service and BYOA Limit the Permission Scope in UiPath App Registration with Sites.Selected in UiPath Q&A 4 5 6 2
  • 7. Introduction To Permissions The UiPath word mark, logos, and robots are registered trademarks owned by UiPath, Inc. and its affiliates. ©2023 UiPath. All rights reserved. Experience permissions on Azure
  • 8. 8 Delegate Permissions Delegated Permissions (Permission on Behalf of a User): 1. Utilized in the delegated access scenario. 2. Allow applications to act on behalf of users. 3. Applications can't access anything beyond what the user themselves could access. 4. For instance, if an application is granted the Files.Read.All permission, it can only read files accessible to the user.
  • 9. 9 Application Permissions Application Permissions (Permission without a User): 1. Employed in the app-only access scenario, without a signed-in user. 2. Applications can access any data associated with the permission. 3. For example, an application granted Files.Read.All permission through the Microsoft Graph API can read any file in the tenant. 4. Generally, only an administrator or API service principal owner can consent to these permissions.
  • 10. 10 Delegate Access Delegated Access (Access on Behalf of a User): 1. User signs into a client application. 2. Client app accesses resource on behalf of the user. 3. Requires delegated permissions. 4. Both client and user need separate authorization. 5. Correct delegated permissions (scopes) required for client app. 6. User authorization based on granted privileges (e.g., Microsoft Entra RBAC).
  • 11. 11 Application Access App-only Access (Access without a User): 1. Application acts independently with no user signed in. 2. Used in scenarios like automation or backup. 3. App roles used instead of delegated scopes. 4. Client app must be granted appropriate application permissions. 5. Once granted, client app can access requested data.
  • 12. 12 Difference Between Permission Types Permission Types Delegated Permissions Application Permissions Types of Apps Web / Mobile / Single-Page App (SPA) Web / Daemon Access Context Gains access on behalf of a user Accesses data without a user Who Can Consent - Users can consent for their data <br> - Admins can consent for all users Only admin can consent Consent Methods - Static: pre-configured list on app registration <br> - Dynamic: request individual permissions at login - Static ONLY: pre-configured list on app registration Other Names - Scopes <br> - OAuth2 Permission Scopes - App Roles <br> - App-Only Permissions Result of Consent OAuth2PermissionGrant AppRoleAssignment Authorization User's consent is typically required, with potential for admin intervention based on permissions requested. Administrator's authorization is often necessary, especially for high-privilege or organization-wide access. Scope Details Specifies what actions or resources the application can access on behalf of the user. Defines the level of access and permissions granted to the application, often categorized into app roles. Permission Level Typically granular, allowing for fine-tuning of access rights based on user roles and tasks. Often broader and more generalized, providing overarching access to resources or functionalities. Dynamic Access Can dynamically request and adjust permissions based on user interactions or scenarios. Permissions are usually static and defined upfront during application registration.
  • 13. 13 Difference Between Consent Types Consent Types User Consent Administrator Consent Definition Occurs when a user signs into an application. Required when certain permissions are requested, often by high- privilege or application-level permissions. Initiation Triggered by a user's attempt to sign into an application. May be initiated by the application requesting permissions or by certain scenarios necessitating admin intervention. Grant Process User provides sign-in credentials, then prompted to grant permissions if not previously granted. Admin may need to grant consent on behalf of the user. Admin grants consent, either for themselves or the entire organization. Scope Specific to user's account and permissions requested by the application. Extends to broader permissions, often organization-wide, and encompasses high-privilege or application-level permissions. Application Behavior Application functionality may be restricted if user does not grant required permissions. Application may not function fully until administrator grants necessary permissions. Prompts Users see a consent prompt detailing permissions requested. Admins prompted to provide consent for specific permissions, especially high-privilege ones. Requirement Essential for accessing user-specific data or resources. Required for granting broader access, managing application permissions, or ensuring organizational security. Authentication Regular authentication flow, with potential admin intervention if required permissions demand it. May prompt for admin consent during authentication if high- privilege permissions are requested. Custom Scopes Does not typically require admin consent unless tied to high-privilege permissions. Custom scopes generally do not necessitate admin consent unless classified as high-privilege permissions.
  • 14. Microsoft Graph API The UiPath word mark, logos, and robots are registered trademarks owned by UiPath, Inc. and its affiliates. ©2023 UiPath. All rights reserved.
  • 15. 15 Graph API Microsoft Graph API: 1. Provides a unified endpoint (https://graph.microsoft.com) for accessing people-centric data and insights across Microsoft 365, Windows, and Enterprise Mobility + Security. 2. Enables developers to build apps supporting Microsoft 365 scenarios using REST APIs or SDKs. 3. Offers services for managing user and device identity, access, compliance, and security. Microsoft Graph Connectors: 1. Funnel external data sources into Microsoft Graph services and applications, enhancing Microsoft 365 experiences like Microsoft Search. 2. Includes connectors for popular data sources like Box, Google Drive, Jira, and Salesforce. Microsoft Graph Data Connect: 1. Streamlines secure and scalable delivery of Microsoft Graph data to Azure data stores. 2. Data serves as a foundation for building intelligent applications using Azure development tools.
  • 16. 16 Date/Time Topic April 18, 9:00 AM EST 2:00 PM GMT Streamline document processing with UiPath Studio Web Next steps Bonus content: download a step-by-step guide on how to create an Azure app with restricted SharePoint site access (link in a chat) Join the next Dev Dives sessions: https://bit.ly/Dev_Dives_2024 Connect with Nisarg and Alexandru on LinkedIn: - https://www.linkedin.com/in/nisargkadam/ - https://www.linkedin.com/in/alexandru-crijman/
  • 18. Thank you for your participation! Join us: community.uipath.com