Unable to get authenticated properly with UiPath CLI

[oscar-o-oneill]

Hi @thschmitt, @radu-iviniciu, @florin-szilagyi! I would love to use this software so I can automate various Orchestrator tasks by CLI.

But I am unable to get authenticated, either by client credentials or OAuth.

I am using Windows 10 with the CLI in Windows Terminal. My Orchestrator instance is in Orchestrator Cloud.

I added a new application, made it Confidential, clicked "Select all" for all of the Application scopes, saved the clientId and clientSecret and ran uipath config --auth credentials.

Then I entered all of my organization, tenant, clientId, clientSecret properly but when I run the command .\uipath.exe orchestrator users get I only get this error: Error retrieving bearer token: Token service returned status code '400' and body '{"error":"invalid_scope"}'

When I change the scopes to only OR.Administration in my external app I still get an error: { "__abp": true, "error": { "code": 0, "details": "You are not allowed to perform this operation.", "message": "You are not authorized!", "validationErrors": null }, "errorCode": 0, "message": "You are not authorized!", "result": null, "success": false, "targetUrl": null, "unAuthorizedRequest": true }

When I do a OAuth application, I get an error of "Error An unknown error has occurred. (#200)".

This OAuth app was made with the following settings.

When I add the scopes to the CLI I added all of these: OR.Administration OR.Administration.Read OR.Administration.Write OR.Analytics OR.Analytics.Read OR.Analytics.Write OR.Assets OR.Assets.Read OR.Assets.Write OR.Audit OR.Audit.Read OR.Audit.Write OR.BackgroundTasks OR.BackgroundTasks.Read OR.BackgroundTasks.Write OR.Execution OR.Execution.Read OR.Execution.Write OR.Folders OR.Folders.Read OR.Folders.Write OR.Hypervisor OR.Hypervisor.Read OR.Hypervisor.Write OR.Jobs OR.Jobs.Read OR.Jobs.Write OR.License OR.License.Read OR.License.Write OR.Machines OR.Machines.Read OR.Machines.Write OR.ML OR.ML.Read OR.ML.Write OR.Monitoring OR.Monitoring.Read OR.Monitoring.Write OR.Queues OR.Queues.Read OR.Queues.Write OR.Robots OR.Robots.Read OR.Robots.Write OR.Settings OR.Settings.Read OR.Settings.Write OR.Tasks OR.Tasks.Read OR.Tasks.Write OR.TestDataQueues OR.TestDataQueues.Read OR.TestDataQueues.Write OR.TestSetExecutions OR.TestSetExecutions.Read OR.TestSetExecutions.Write OR.TestSets OR.TestSets.Read OR.TestSets.Write OR.TestSetSchedules OR.TestSetSchedules.Read OR.TestSetSchedules.Write OR.Users OR.Users.Read OR.Users.Write OR.Webhooks OR.Webhooks.Read OR.Webhooks.Write

What exact scopes are allowed? Why am I not able to authenticate properly?

Thanks!!

[thschmitt]

Hi @oscar-o-oneill,

You are reaching the limit of the maximum number of allowed scopes for a token. Just make sure that you only add the scopes you need for your use case. As an example, you can add only the scope OR.Users.Read and execute:

uipath orchestrator users get

[thschmitt]

Closing, let me know if there is anything else I can help you with!

[oscar-o-oneill]

Hey @thschmitt, thanks for the response! I thought that I had tried that but let me try again with just one scope active.

When I read the documentation, there was no indication of how many scopes one could add.

What is the maximum number of scopes that one can add?

Thank you.