Blue Prism 6.10.6: June 2023

Click this icon on the toolbar to view and download a PDF version of the release notes.

The table below summarizes the components that relate directly to this Blue Prism Enterprise release.



This release requires the Blue Prism database to be this version.

Login Agent


There have been no functional updates to the Blue Prism Login Agent. The version of Login Agent that is provided with this release of Blue Prism has the same functionality as the version provided with Blue Prism 6.7.

Browser extensions
(for Chrome and Edge):


For the latest compatibility information, see the browser compatibility matrix in the Blue Prism online help.

Authentication Gateway


Authentication Gateway version 1.0 must be installed to use Authentication Gateway with Blue Prism 6.10.6.

Download the installer from the Blue Prism Portal – select Product > Blue Prism Enterprise > Extras.

Data Gateways engine


The Data Gateways engine version 1.4 must be installed to use Data Gateways with Blue Prism 6.10.6.

Download the installer from the Blue Prism Portal – select Product > Blue Prism Enterprise > Extras.

Applying this patch release

To upgrade to this version, this patch release must be applied to all the following components throughout your Blue Prism environment for it to be operational:

Interactive clients Runtime resources Application servers




Please review the upgrade notices for more details and before upgrading to this release.

Known issues

A list of any prominent issues with this release is maintained in the knowledge base – click here for more information.

Secure development policy

(Undefined variable: General.NoPipeCompanyName)’s secure development process is a market-leading, embedded security culture, focused on delivering security excellence through four key principles:

  • Education – Providing up-to-date knowledge, information, and training to the development team.
  • Evaluation – Regular reviews of our products using industry standard frameworks and security tools.
  • Elimination – Remove potential threats through the evaluation of standards, compliance, and performance.
  • Evolution – Continued improvement of our security program, ensuring alignment with our product technologies and by reacting effectively to new and emerging threats.

(Undefined variable: General.NoPipeCompanyName) secure development is based on OWASP ASVS, ISO 27034 and GDPR Article 25 standards and practices. For more information, see (Undefined variable: General.NoPipeCompanyName)'s comprehensive secure development process.


Installation and login

Description of change


The features provided by the Browser Automation Agent are now included in the Blue Prism installer by default. The Blue Prism 6.10.6 installation wizard automatically removes the Browser Automation Agent and the associated Manifest V3 browser extensions if they have been previously installed.

Additionally, if any Manifest V3 browser extensions were previously manually installed on a given machine, they will need to be manually uninstalled before installing Blue Prism.

The removal of the Browser Automation Agent is now managed as follows:

  • During a manual installation of Blue Prism, if the Browser Automation Agent is detected, the user is prompted to uninstall it before Blue Prism Enterprise can be installed successfully. If the removal of the Browser Automation Agent fails, the Blue Prism Enterprise installation will not continue.
  • During a silent installation of Blue Prism Enterprise, the removal of the Browser Automation Agent is managed automatically. If this fails, then the user should manually uninstall it using the steps in Uninstall the Browser Automation Agent.

For more information, see the Browser Automation Agent release notes.



The CefSharp Chromium browser used to present login dialogs has been replaced with WebView2 to deliver embedded browsers more securely, as is required for using Authentication Gateway and authenticating with external authentication providers.

The WebView2 runtime must be installed locally on any machine that runs the interactive client so users can sign into Authentication Server. For more details, see




Fixes and minor improvements

Application Modeller

Description of change


An issue has been fixed when working with application elements using the Match Index attribute and the value of this index was greater than 0. The Get Element Bounds actions in Read Stages, which dynamically read values from a Java application, no longer returns incorrect values.



Previously, when launching an Edge browser via the Application Modeller, an intermittent issue occurred where the browser launched but Blue Prism could not connect to it to spy the elements. If the initial browser window remained open and the user attempted to launch Edge again via the still active Launch button in the Application Modeller, Blue Prism could successfully spy the elements, however, only in a second browser window. The issue no longer occurs and the elements can now be spied successfully the first time the Edge browser is launched.



Previously, when using the Wait > Check Exists instead of the Wait > Web Check Exists stage and condition combination, a non-repairable error message displayed instead of a repairable validation warning when the Application Modeller was set to A browser that is already running. A validation warning now displays regardless of the application type selected in Application Modeller.



Web elements can now be re‑spied correctly in Microsoft Edge Internet Explorer mode when using Active Accessibility (AA) mode in Application Modeller. Previously, issues were encountered for web elements that had originally been spied in native Internet Explorer. New elements can now also be spied using AA mode with Edge in IE mode.





Application server

Description of change

Application servers no longer need to be restarted for updated license entitlements to be reflected in System > System – License. Previously, application servers had to be restarted to account for new licenses that had been imported into the Blue Prism database.



Control Room

Description of change

An issue has been fixed where a schedule configured with an expiration date on its weekly run day in Control Room could sometimes incorrectly run past its set expiration date. In addition, this also ensures that such schedules display correctly in the Scheduler >Timetables list.



The setting to run a schedule on the first or last day of the week (by selecting the First or Last option from the On the …working day in calendar drop-down for schedules set to be run weekly) is now correctly saved to the database.



When the maximum number of concurrent sessions allocated to a user's license has been reached, scheduled sessions are no longer triggered, and a message to indicate this is added to the schedules log. Previously, if a user created a schedule which assigned a process to multiple resources, sessions were triggered on these resources even if the maximum number of sessions had been reached.



In previous Blue Prism 6.10 versions, when a runtime resource that was a pool controller lost connectivity or went offline, it continued to attempt to act as pool controller after it was restarted. This resulted in it going offline again because another runtime resource had already assumed the pool controller role. This behavior has been updated so a runtime resource which was the previous pool controller is now added to the regular resource pool after restart and another active runtime resources assumes the role of pool controller.



Blue Prism 6.5 introduced a change of behavior in work queues when a runtime resource session terminated. Work queue items with an exception were marked incomplete by the clean up process and an automatic retry was not attempted if a work queue item was left locked.

From this release, a new option called Retry items in this queue in the event of an unexpected session termination, which is disabled by default, has been added to the System > Workflow - Work Queues screen. If this option is enabled and a work queue item is left locked as a result of a runtime resource unexpectedly terminating during a session, a retry for the queue item will be automatically created when the runtime resource is restarted – this depends on the configured value of maximum retries on the queue.

As part of this enhancement, exceptions that are applied as a result of an unexpected session termination now include the description Automatically set exception on session terminated.

BP-14009 (BP-3770)

An issue has been fixed in Control Room > Queue Management, where items added to a work queue by a user in a non-UTC time zone were not always returned as expected when the queue was filtered by a specific date.


Credential manager

Description of change


To improve performance, the check whether an environment requires Federal Information Processing Standard (FIPS) compliance or not is now performed before evaluating which of the encryption schemes are currently used to encrypt data stored within the database.

The review of which encryption schemes are used to encrypt data now only occurs if FIPS compliance is required. Previously, the check occurred before it had been determined if FIPS compliance should be enforced.



Blank passwords no longer cause an error when using the /reencrypt command to update all credentials, encrypted work queue items, and resource screenshots so they use the latest encryption scheme. Previously, decryption failed for credentials that had blank passwords. Blank passwords are now handled the same way as non-blank passwords so re-encryption and decryption are always successful.

Additionally, blank passwords can now also be successfully used:

  • When creating a new credential on the Security - Credentials screen in the Blue Prism interactive client.
  • When using the Set action of the Credentials VBO in a Blue Prism process.
  • When using AutomateC to re-encrypt the data in the database after generating a new default encryption scheme.



Database settings

Description of change


An error previously displayed when refreshing management information (MI) data has been resolved by removing hard coded references to the default database schema name.



Session logs are now successfully created regardless of the number of session IDs in the database tables. Previously, a System.OverflowException occurred when attempting to write additional session logs to the database once 2.1 billion logs had been created.



Users with minimum SQL permissions can now use Get Item By ID to fetch an item by its ID. Previously, these users could not execute this procedure. For more information, see Minimum SQL permissions.




Interactive client and runtime resources

Description of change


An error no longer occurs when adding a SOAP web service and attempting to add a certificate stored under Local Machine or Current User.




Description of change


It is now possible to type Korean (Hangul) characters into the Expression field in Calculation stages. Previously, such characters could be pasted but were incorrectly displayed when typed.



An issue when using Blue Prism in the Japanese locale has been fixed where the child collection in a nested collection couldn't be opened, and an error was triggered.



Process and Object Studio

Description of change


An issue has been fixed where an output of Password data type from an action could be incorrectly stored in a Text data item. This could occur if the password was originally written to a Password data item that was later updated to be a Text data item. A check now takes place in Process and Object Studio and at runtime, and an error message displays if the data item for the password is not a Password data item.



When automating web pages in an Edge browser, if an element did not exist, an error message incorrectly indicated that more than one matching web element was found. The error occurred in the Application Modeller when using the XPath and CSS Selector web attributes which returned at least one empty element. The correct error message now displays.



An issue has been fixed in Process and Object Studio where exception messages could be displayed in the background of the window rather than the foreground during the debugging of an automation, making them difficult to locate and, potentially, easy to overlook.



Debugging an object that reads from, or writes to, an empty collection no longer incorrectly returns validation errors. Previously, running such objects in Process Studio or Object Studio incorrectly resulted in validation errors.



Clicking the information icon in a business object action or selecting the API Documentation menu option in Process and Object Studio now opens the in-product help for the relevant business object in the user's default browser. Previously, the help was opened in Internet Explorer regardless of the user's default browser.



An issue has been fixed where running a process using a Get Next Item action could cause a runtime resource to receive a work queue item from a queue that had already been picked up by another resource, and which was in the process of being updated and unlocked.

The likelihood of this issue occurring was low, as it could only occur where multiple resources were assigned to the same work queue, and one resource triggered the Get Next Item query at the exact time that another resource was in the process of committing database updates for an item in that queue. The stored procedure used by the Get Next Item action has now been updated to use the snapshot isolation feature in SQL Server. This ensures that the data read by the stored procedure is consistent with the state of the data at the start of the transaction.



An issue has been fixed where, if a process was opened in Process Studio and then an object in the process was opened, edited, and saved in Object Studio, the same object could not be edited again unless the process was first saved and closed. Users can now debug a process and edit an object multiple times without needing to save and close the process.


A validation error is no longer produced when the optional Tracking ID field (available in the input or output parameters of various stages) is empty.


Security improvements

Description of change


A potential security vulnerability related to SQL injection when using web services has been addressed.



System Manager

Description of change


The display of the logging level for each resource has now been re-introduced in the Resources list on the Resources - Management screen. This functionality was first introduced in 6.6 and incorrectly removed in 6.10.0.



Browser extension versions

The table below shows when each Blue Prism extension compatible with this release was introduced. For details of the latest browser versions Blue Prism is tested against, see the Browser extension compatibility matrix.

The Firefox browser extension is not available for installation with Blue Prism 6.10.6. The latest version of Blue Prism 6.10 that includes the Firefox extension is Blue Prism 6.10.5. For more information, see the Upgrade notices.

Browser Blue Prism extension versions Date available


Manifest V3 only:

Blue Prism 6.10.6 Browser Extension

29 June 2023

Edge Chromium

Manifest V3 only:

Blue Prism 6.10.6 Browser Extension

29 June 2023

Browser extension release notes

Description of change


Support for Manifest V2 browser extensions for Google Chrome and Microsoft Edge has been removed from the Blue PrismEnterprise 6.10.6 installer. Only Manifest V3 is supported from this version of 6.10 onwards.

The Manifest V3 MSI commands are unchanged from Blue PrismEnterprise 6.10.5 except for the version number, as follows:

msiexec /i BluePrism6.10.6_x64 ADDLOCAL=ChromePluginV3 /qn

msiexec /i BluePrism6.10.6_x86 ADDLOCAL=ChromePluginV3 /qn

msiexec /i BluePrism6.10.6_x64 ADDLOCAL=EdgePluginV3 /qn

msiexec /i BluePrism6.10.6_x86 ADDLOCAL=EdgePluginV3 /qn

msiexec /i BluePrism6.10.6_x64 ADDLOCAL=BluePrism,BPServer,ChromePluginV3,EdgePluginV3 /qn

For more information, see the Browser integration guide.


The Parent Document Loaded action, used in a Wait stage when automating a Chrome, Edge, or Firefox browser, now checks whether the parent document was loaded. Previously, it was incorrectly set to always return a true value.



Users can now activate an application using Microsoft Edge in Internet Explorer (IE) mode in the same way as when using either Edge or Internet Explorer. This is achieved by selecting the Browser-based Application (Internet Explorer) option in Application Modeller, and then pointing to an Edge application. For more details on how to continue to run IE-based processes using Edge in Blue Prism, see Microsoft Edge IE Mode.



When using ephemeral ports for browser automation, ampersands (&) are now correctly handled. Previously, any URLs that used ampersands in query parameters would be incorrectly truncated at the ampersand, and could not be navigated to correctly.


An issue has been fixed where, if using fixed ports, browser automations failed to start due to the specified port being blocked. Ports are now released correctly when a process is completed or terminated, and other runtime resources can communicate with the browser extension without having to restart the runtime resource that first used the fixed port.


The following issues that occurred when automating browser applications using an external application model have been fixed:

  • Spying or highlighting of browser elements is no longer prevented.
  • An error message no longer incorrectly displays for a Navigate stage when terminating a browser.
  • Modern browser applications are now terminated successfully. Previously, the following error message was displayed: Exception has been thrown by the target of an invocation.




An issue has been fixed where it was, incorrectly, possible to attach to a website when a browser extension was not installed, and no error was displayed. This is now no longer possible and an error message displays if this is attempted.


The way a Terminate action is performed against a browser has been changed so that the WebSocket port is now closed correctly when completely terminating a browser. Previously, if the tab being closed was the final tab, the port used for browser automation was not always closed correctly, which blocked the fixed port from being used by subsequent automations.


An issue has been fixed where it was not possible to automate a tab opened in a new window when ephemeral ports were enabled. Now, when a new tab is opened (in a new window or an existing one), Blue Prism detects if the tab was created by another tab automated by Blue Prism, and, if so, uses this relationship to select which ephemeral port to use. If a new window is manually opened, it defaults to the ephemeral port last used.

  • If a single instance of the Blue Prism interactive client automates a browser instance, it controls all windows.
  • If multiple instances of the Blue Prism interactive client are automating multiple windows, each instance automates windows spawned by tabs under its control.


An issue has been fixed where files related to the browser extension installation were incorrectly added to the Installation directory. Any redundant files have now been removed.


An issue has been fixed where the unnecessary opening, or failed closing, of WebSocket connections during browser automations using Microsoft Edge Internet Explorer (IE) compatibility mode caused subsequent browser automations to fail. The following error message displayed: The port establishing the connection to the browser extension cannot be opened. WebSocket ports are no longer opened when automating a Microsoft Edge browser running in IE compatibility mode.


An issue has been fixed where WebSockets could be left open after the termination of a browser session, resulting in users being unable to automate subsequent browser sessions on the same machine until it had been restarted. WebSockets are now reused for subsequent browser automation runs.


Debug logging has been added to record the state of WebSocket connections used for communication with browser extensions. The log records if any ports are open, and shows the location, port number, and the process holding the socket open.


The WebSocket Sharp library has been updated to improve the closing of sockets. Additionally, the following settings have been added to the Automate.config file to allow users to tailor the configuration based on their requirements:

  • <add key="BrowserAutomation.ReuseAddress" value="true" /> – Specifies whether ports, which have been previously opened but not successfully closed by other applications, should be reused. The default value is set to true, which means Blue Prism will reuse such ports.
  • <add key="BrowserAutomation.DontLinger" value="false" /> – Specifies whether a socket should remain open for a specified amount of time after a closesocket function call to enable queued data to be sent. The default value is set to false, which means the socket will remain open for a specified amount of time.
  • <add key="BrowserAutomation.RecreateServer" value="false" /> – Specifies whether a new instance of the WebSocket server should be opened every time Blue Prism attaches to a web browser to connect to the browser, rather than keep the same instance for the lifetime of the process. The default value is set to false, which means Blue Prism will not create a new WebSocket server every time


When Blue Prism attempts to start a browser automation on a port that is already in use, the following error message now displays: The port establishing the connection to the browser extension cannot be opened. Previously in this scenario, a browser extension not detected error was incorrectly displayed.


The Firefox browser extension is not available for installation in this release. For more information, see the upgrade notices.