Skip to main content

How To Set Up a Secure Web Service for RPA Report Access with SSL and Basic Authorization

· 3 min read
Aleyna Durmuş
RPA Team Lead

In today's digital age, software robots have become a critical component of many organizations' automation strategies. By leveraging web services, software robots can listen to requests from their developers and generate reports that can be accessed anytime.

However, setting up a web service that can securely and effectively communicate with your software robot can be challenging.

To beat this challenge, you can create a web service that would enable the robot to listen to requests and compile the results, which would be accessible via an end-point. To ensure secure communication and prevent unauthorized access, you need to add SSL (Secure Sockets Layer) and Basic Auth to the service.

In this article, you will explore the technical details involved in adding SSL and Basic Authorization to the web service, and discuss how you can overcome these challenges to implement the solution successfully.

Securing Your RPA Reports with SSL on Your Web Service (For Windows machines)

To secure your RPA reports with SSL on your web service, we recommend following these steps:

  1. Create a directory in “C:\” and name the directory as “robomotion_certificates”.

  2. Move your *.crt and *.key files to this directory.

  3. Go to “%LOCALAPPDATA%\Robomotion\config.properties” and edit the config.properties file as below. By editing this file, you will be able to change the behavior of the Core.Net.HttpIn node.

figure1

This step is necessary to ensure that the robot knows where to find the certificate files and can use them to secure communication with the web service

Once these steps are completed, your RPA developers will be able to use SSL to access the reports securely.

Basic Auth for RPA Developers: A Simple Authentication Method for Your Web Service (no machine distinction)

In addition to SSL, RPA developers may also need to implement Basic Auth for authentication purposes. Here's how we suggest doing this:

  1. Use a simple authentication method like Basic Auth, Core.Net.HttpIn node will catch the request and it will write the request headers into the “msg.headers” variable where header information comes in base64 form and needs to be decoded.

  2. To decode the “msg.headers.authorization”, you can use a javascript function or you can simply use our Encoding package. With the “Robomotion.Encoding.Base64Decode” node.

figure2

  1. After that, you can decode the information and check the result in the Core.Programming.Function node to verify username and password.

figure3

  1. Then you can use the Core.Programming.Switch node to send a successful or a failed response.

figure4

If the username and password are correct, perform the operations and return a successful response. If incorrect, return an error response indicating that the username and password are incorrect.

In conclusion, web services are more effective way of delivering results to customers compared to traditional methods such as excel sheets. This new knowledge can allow you to be more flexible in our approach to technical solutions, as you can leverage the benefits of tools like software robots and web services to create more efficient and effective processes.