Active Directory integration
Blue Prism® can leverage Active Directory (AD) Domain Services to provide a range of enterprise-strength capabilities including the capability to integrate Blue Prism to use Active Directory for user authentication. In this scenario Active Directory is used to manage and control user access to the Blue Prism platform in line with existing security policies – this is the recommended approach for enterprise deployments. Furthermore, Active Directory can be used to provide inter-component message security.
The Blue Prism platform should be deployed within an Active Directory Network Infrastructure to enable a number of enterprise-strength capabilities:
- Message content security and integrity – When the Blue Prism components are deployed within an Active Directory Network Infrastructure configured with appropriate domain trusts, communication message security is enabled by default for the necessary inter-component communication. Further information on securing connections by enabling message security is provided in the Blue Prism Network Connectivity guide.
- Single sign-on for the Blue Prism platform (provided by Active Directory Domain Services) – Integrating Blue Prism with Active Directory for single sign-on (SSO) leverages the functionality of Active Directory to validate users’ access to the platform. This approach not only simplifies the login process but also aligns user access controls with existing network security policies.
- Runtime resources authenticate using a domain account – Where the Blue Prism runtime resources are configured to authenticate using a domain account, they are able to use single sign-on methods to authenticate with the business applications and systems used as part of a process automation.