Blue Prism App server to Database connectivity currently expects a SQL ID for authorization. We will need EntraID based authentication for this. Entra ID enables RBAC Control aligned with the organization's security policies. Other reasons for having Entra ID based auth: 1. Enhanced Security - Entra ID provides strong authentication with MFA options, conditional access policies, and identity protection capabilities that go beyond traditions SQL auth. 2. Reduced Administrative overhead 3. Centralized identity management All modern Process Automation and BPM tools which are being hosted in cloud have this and with cloud-based infrastructure being the future this is an expected feature in the product. ... View more

We would like the Workspace Timeout to redirect Users automatically to logon window once they are timed out (with no windows received).  This will prevent multiple screens received when users are timed out of Workspaces.  Currently when timed out of workstation, User will receive multiple windows asking to leave or cancel.   #Workspace #Timeout #Windows Chorus BPM #Processor ... View more

We are preparing our BP upgrade and for this period of time we want to stop all schedules. There is no 'disable' (ie temporarily prevent schedules from running) schedule feature but un-/retire only. Retired schedules are a mixture of outdated schedules that might not yet be possible to delete or are kept for other reasons. There is also now was to structure schedules in groups/folders so it may also be the case that some infrequently used schedules are retired just better manage regularly executed schedules.  So the idea was to create scripts based on currently active schedules to bulk un-/retire them and also making sure the exact same schedules that have been active are unretired again, without having to keep manual separate lists and have to visually check against those lists Unfortunately there is only /startschedule and /deleteschedule parameter for automateC but there is no un-/retire parameter. So it would be great to also have /retireschedule and /unretireschedule (and also /stopschedule since this is now supported in BP UI). Setting expiration dates would also be helpful  ... View more

Currently, when editing a stage properties, or writing an expression, on the right hand-side of the window we have a data items filter: It would be really handy if this filter could have another group added - Exposure. This would help finding all environment variables, session variables, and statistic data items, and take away the need for data item naming conventions as a workaround to find them easily. ... View more

It would be preferable to have an additional setting with regards to logging and sensitive data. While logging can be disabled or set to not log the parameters, if such instance occurs where full logging has to be enabled at resource level to determine an issue - it would be ideal to have been able to set a level of logging that still would not be captured in the logs. We have many processes that deal with sensitive data and have to build numerous work arounds to get the data in a way that would not accidently be exposed in the logs. If there was a setting similar to not log parameters it would allow us to build "normally" knowing that if full logging needed to be enabled, this data would be safe from the logs. ... View more

Sorry if this idea is duplication of existing idea but we are now going to upgrade to 7.3.2 and noticed again the nice feature of being able to show details of a resource in Control. It would be great to have at least local FQDN and server FQDN selectable so we can copy the values.  ... View more

Allow a user to open up and interact with WORD documents while editing a letter in Communications. Clients often have to refer to multiple documents when creating a letter to be issued, Currently having other WORD docs open when editing a letter in Chorus Communications results in unpredictable behavior e.g. edits being lost.  ... View more

With BluePrism Hub there is a need to store and distribute the API key. If this could be automated so users can request this and rabbitmq could distribute the key. It would probably need to have an approval or HITL stage gate. Moderator note: Changed the title of this idea to sentence case.     ... View more

Raised on behalf of Antonio Mathias Kühle: We wish that it is possible to have a separate log that show all API request transactions, with all details, so you can track exactly what your request contains, and what the response was.    This log could be a page visible in the BP interface, but the easy fix is just to create a DB table or log file for this.  Important thing is that it is something you can toggle "on" "off" from API configuration settings, separately on each API.  And also important for the DB table is that you can add "number of days" to keep the logs before they are automatically deleted.  ... View more

Today Image Retrieval throws an error retrieving sources created with 'screen image capture (PNG format).' Sources must be all PDF or all TIFF. Business users regularly create sources in the PNG format. IR should convert the PNG files to TIFF or combine the PNG documents into a single file.  ... View more

Our organization sets most GDL mime type files to open in HTML Content Viewer (Word, Excel, PDF).  We appreciate all images opening in tabs within HTML CV rather than downloading the files and having multiple native applications open in separate windows. We do have one issue:  When HTML CV fails to display a file we have no way to view it.  We need a way to download the file when HTML CV is unable to display the image / file. This can similar to how HTML CV handles unknown file types or password protected files.  A prompt opens allowing the user to download the file. Alternatively the user might be able to select download from the source menu.   ... View more

When a user tries to open an email (.msg) file uploaded to Chorus, the Content Viewer (CV) window opens but the email file is not displayed in the CV window, rather the file is downloaded and then the user is prompted, by the browser, to open the file. This is OK unless the email file in question is large (e.g. contains a large attachment); when the user tries to open such a file, the CV window opens but in chromeless mode, meaning there is no visible cue that the download is running and there is a risk that after a period of time with no file opened and no cue that anything is happening the user will close the window and report that the file cannot be opened. Is it possible to show some sort of status bar in the CV window to indicate that the download is in progress? Either a custom bar or the built-in browser status bar (I believe this would require the CV window to be launched with a flag that forces download progress to be shown in the status bar). ... View more

Users have ability to suspend BUT they can use the suspend feature to take work out of quality by Suspending and then having an activate status that wakes up in a different queue.  Essentially bypassing quality. We would like the suspension feature to have additional access to restrict the activation status option or ability to add an activation status as addtional resource. Thank you ... View more

Chorus is not able to send a dynamic JSON array (that contains the object keys to delete). The length of the array is defined at design time, so in runtime there is no apparent way to populate an array with a dynamic number of object keys to delete. That is, there is no dynamic array capability within Chorus which presents a challenge for batch Chorus objects deletion. ... View more

The application passes sensitive parameters in the URL line of many of the requests. BUSINESS IMPACT: Sensitive data could be disclosed unintentionally through transmission in the URL. Description The application uses the URL to pass sensitive data from the client to the server. Data passed in the URL can be exposed because data passed in this manner ends up in unintended locations. These locations can include server logs, local browser history, and proxy logs. Reproduction Steps Using Burp Suite, navigate through the application. The application passes sensitive parameters in the URL line of many of the requests  Affected Locations HUB v4.7 and Interact 4.7 Decipher v2.3 Recommendation When sensitive data is sent, it should be ensured that POST requests are used instead of GET requests. POST data is not treated the same way as URL data is when requests are sent through systems and do not typically get cached or logged. If there are technical constraints that require data to be sent in the URL then strong encryption should be used to encrypt values. It should be ensured that part of this encryption scheme contains protection against data replay so that captured cryptographic values cannot be replayed back to the server.  References Information exposure through query strings in url | OWASP Foundation A02 Cryptographic Failures - OWASP Top 10:2021   ... View more

Feedback from our processors: Request: Using the quick search lookup we are able to save lookups, however if one of the ‘Fields’ need updating, we cannot edit it, we have to delete the field from the query and re enter it. Are we able to make it editable instead. This will allow for day to day search to be made easier, particularly ones that the date needs to be altered every day for – streamlining our processing times. ... View more

Add visual markers or color-coded highlights in the timeline to indicate where filter-triggering events occur, enabling users to quickly identify and navigate to these critical points without manual scanning. Without this feature: currently Users have to manually review each timeline to locate trigger events, leading to inefficiencies, missed insights, and reduced satisfaction with the tool. Goal: enable faster and more accurate identification of filtered events, improving user experience, boosting adoption, and accelerating decision-making. ... View more

Introduce functionality to filter timeline events based on designated points, allowing users to view only events that occur before or after a specified event (e.g., show the journey after a letter X is issued). Without this feature: users face difficulties isolating relevant parts of the timeline for analysis, leading to slower insights, increased manual effort, and a less efficient user experience. ... View more

Allow users to assign multiple categories to a single event in the timeline, enabling richer classification without the need to overwrite or remove existing tags. For example, categorize an event as both "FTE event" and "legacy tag applied." Without this feature: Users must repeatedly create or edit categories for different analyses, leading to inefficiencies, reduced flexibility, and potential loss of critical context for multi-faceted events. Goal: enhance event categorization flexibility, allowing users to perform diverse and overlapping analyses seamlessly while preserving existing tags for future use. ... View more