Security settings

This section details the Security settings interface in the IBM RPA Control Center.

On the Security settings, you can configure the allowlist of domains or IP addresses for your IBM Robotic Process Automation tenant. This list is used to verify if the endpoint set as the callbackUrl parameter of a request to the /v2.0/workspace/{workspaceId}/projects/{projectId}/bots/{botId} API of the Bots API references an allowed domain. Note that this affects only callback action set by callbackUrl.

Before you begin

  • Your user must have permission to update tenant configuration. See the Checking user permissions topic to learn how to check your user permissions. From the default roles, Tenant administrator is the one that has the permissions above.

  • If you want to fire the Bot APIs and forget, you don't need to edit the allowlist. If you want to get the results from the HTTP request to the Bot APIs, you need to edit the allowlist to allow the proper domains or IPs that you need.

Creating an OpenAPI callback allowlist

  1. On the left menu, click on Administrator.
  2. In Tenant configuration, click on Security settings.
  3. Click on Add entry.
  4. In Entry, type the domain or the IP adress according to the example.
  5. Click on Add entry.

Editing an OpenAPI callback allowlist

After creating an OpenAPI callback allow-list, you can edit it. Here is how:

  1. On the left menu, click on Administrator.
  2. In Tenant configuration, click on Security settings.
  3. On the desired project, click the vertical ellipsis button ⋮ > Edit.
  4. In Entry, update the domain or the IP adress.
  5. Click on Save entry.

Deleting an OpenAPI callback allowlist

  1. On the left menu, click on Administrator.
  2. In Tenant configuration, click on Security settings.
  3. On the desired project, click the vertical ellipsis button ⋮ > Delete.
  4. Click on Delete entry.

⚠ Attention: This action is irreversible.