Connecting a digital workforce to your organization

This page details information for the customer or partner side responsibilities in the deployment of Blue Prism® Cloud.

Site-to-site network connection

A site-to-site network connection forms a secure, persistent connection between the customer subscribed digital workforce resources and the customer environment. The site-to-site network connection ensures that a production platform is accessible from the customer or partner end of the connection only. When configuring a site-to-site network connection, Blue Prism Cloud will configure the connection to a customer specified address range that is compatible with the customer address space. Other connectivity options are available – you can discuss these with Blue Prism Cloud Operations during your initial platform configuration.

Currently supported site-to-site connection providers are:

Azure Blue Prism Cloud platform:

  • Site-to-Site VPN
  • ExpressRoute – This requires your organization to purchase this from Azure
  • VNET Peering – This requires your organization to purchase this from Azure

Domain joining and group policies

Blue Prism Cloud is based upon a Microsoft Windows architecture. Once the site-to-site network connectivity is in place and the digital workforce deployed, resources can then be joined to the customer domain. This practice ensures connected resources can inherit customer or partner corporate standards for information and cyber security. To enable the successful operation of your digital workers, the following Group Policy settings should be enforced:



Interactive logon: Do not require CTRL+ALT+DEL


Interactive logon: Message title for users attempting to logon


Interactive logon: Message text for users attempting to log on


Do not display the lock screen


Interact authentication

By default, Interact is configured with named authentication. This means that for every user that accesses the Interact application, the user will need to be manually created and managed going forward. If required, environments can be linked to an existing LDAP Active Directory configuration for user authentication, however, users will need to be manually assigned to roles in Hub to enable access to Interact.

Interact is deployed with a self-signed certificate as standard. If the customer/partner plans to make the environment publicly available, the customer/partner should supply a certificate from a certified authority.

End user and operator access

Customer or Partner Operator access to Blue Prism Cloud is completed through either a Remote Desktop (RDP) connection or browser-based access, depending on the task to be performed.

Application installation

A digital workforce in the execution of an automated process will interact with the customer or third-party application user interfaces. For these activities to be fulfilled the digital workforce requires sufficient privileges to the applications in scope. Any applications accessed through a thick client will need to be installed onto the digital worker operating systems. The installation process is a customer led activity, and should be communicated to Blue Prism Cloud Operations who can support the customer with the process. Any firewall or network configuration required to make the thick client accessible to the internal network will need to be performed in conjunction with Blue Prism Cloud Operations. Details of all ports and protocols required will need to be supplied in advance of any configuration work, to ensure that changes are kept to a minimum.