cancel
Showing results for 
Search instead for 
Did you mean: 

Exchange Web Services - Modern authentication in Blue Prism

BodeaTudor
Level 2

Dear all,

We are using EWS (Exchange web services) for all our e-mail related actions (Send, Get, Move, Flag, etc.) authenticating by basic authentication (user+password). Everything is working very smooth and stable. We are now requested to switch to modern authentication method (2 factor authentication) which we did not manage to achieve from Blue Prism.

Do you have any similar use cases, sample objects or any tips in achieving this from Blue Prism?

Any feedback would be highly appreciated!

Thank you!

Tudor



------------------------------
Bodea Tudor
RPA Project Manager
E.ON Business Services SRL
Europe/Bucharest
------------------------------
7 REPLIES 7

ewilson
Staff
Staff

@Bodea Tudor,

Have you seen the following assets on the Digital Exchange?

https://digitalexchange.blueprism.com/dx/entry/9648/solution/blue-prism-authenticator

https://digitalexchange.blueprism.com/dx/entry/3398/solution/two-steps-authentication

In a nutshell, you perform a one-time registration of the Digital Worker's Windows login. This can be done manually, for a small number of DWs, or you can build a process to handle it (I have an example I can share). After that, the DW can provide a TOTP (Time-based One Time Password) as part of a 2-factor login approach.

Cheers,


------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------

ChristianJuhl
Level 4
Did you find a solution for this? We are getting the same request.

------------------------------
Christian Juhl
Business Controller
Danske Commodities
Europe/Copenhagen
------------------------------

Hello @Christian Juhl,

If you need your digital workers to support two-factor authentication, please refer to the two assets I linked above.

Cheers,



------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------

Hello Eric,

I'm trying to implement this but I still don't quite understand how it works. Can you share the example that you mention?

Thank you.

------------------------------
Evelyn Lobos
------------------------------

Hello @EvelynLobos,

Please see the attached .BPRELEASE file. It contains two processes and two VBOs. There are other VBOs that are used that you'll need to download separately if you don't have them. They can all be found on the Digital Exchange.

There's a process and VBO that deal with the initial registration of a Digital Worker's Azure AD account for MFA/2FA. Then the other process/VBO provide an example of how the Digital Worker would log into Azure using MFA/2FA after it's been successfully registered.

Please understand, these examples were prepared based on interaction with a development sandbox on Azure, so you're mileage may vary. What I mean by that is you may have to make edits/adjustments to get things working in your environment.

PS - The Community platform doesn't recognize the .BPRELEASE extension, so I changed it to .XML. When you download the file, please change the extension back to .BPRELEASE in order to import the file into your Blue Prism environment.

Cheers,


------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------

Hello Eric,

Thank you for your answer.
I checked the example and I was had a doubt if it can also be applied in the case of making the connection through Exchange Web Services. We use a code to make the connection with EWS in background. The double authentication only works in front? Or is possible make it in background like EWS?

Best regards.

------------------------------
Evelyn Lobos
------------------------------

Hello @EvelynLobos,

After looking over some Microsoft sites, no you won't be able to perform MFA with EWS. See the linked page for details about support authentication mechanisms. It seems like the best you could work towards would be EWS with OAuth2 authentication.

https://docs.microsoft.com/en-us/exchange/client-developer/exchange-web-services/how-to-authenticate-an-ews-application-by-using-oauth

Cheers,​

------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------