Authenticating Agents and Withdrawing the Authentication

After an Agent has been installed, it is not possible to start working with it immediately. A system administrator must first authenticate it. Follow these steps to authenticate Agents.

This page includes the following:

Authenticating with Authentication Method "NO"

No manual authentication is necessary, you can change it later on.

  1. Start the Agent.

    In the background, an Agent object is automatically created in Client 0

  2. Log on to Client 0 and open the Administration perspective.
  3. Assign the required client authorizations in the Agent object if you do not use HSTA objects, see Assigning Clients to Agents.

Now it is authenticated in the Automation Engine system. Authenticated Agents display a tick in the Authenticated column on the Agents list.

Authenticating with Authentication Method "LOCAL" (Server)

  1. Log on to Client 0 and open the Administration perspective.
  2. Expand the Agents & Groups menu in the Administration pane and select Agents.

  3. Click Export Authentication Key on the toolbar.

    A file containing the Authentication Key is downloaded.

  4. Save the file containing the Authentication Key in a secure folder on the computer where the Agent runs. 

  5. In the Agent INI file enter the path and the name of the Authentication Key file in the [AUTHORIZATION] section using the InitialPackage= parameter.

  6. Start the Agent.

    It loads the Authentication Key from the downloaded file provided by the InitialPackage= parameter. Then it deletes the original file.

  7. An Agent object is automatically created in Client 0, which must be authenticated.
  8. Assign the required client authorizations in the Agent object if you do not use HSTA objects, see Assigning Clients to Agents.
  9. To authenticate the Agent:
    1. Open the Administration perspective if you are not already there.

    2. Open the list of Agents and select the one you want to authenticate.

    3. Right-click and select Authenticate Agent.

Authenticating with Authentication Method "LOCAL_REMOTE" (Server Agent)

  1. Log on to Client 0 and open the Administration perspective to create an Agent object.

    Its name must be the same as the one defined in the Agent INI file provided by the name= parameter ([GLOBAL] section) .

  2. Assign the required client authorizations in the Agent object if you do not use HSTA objects, see Assigning Clients to Agents.

  3. In the Agents list, right-click the Agent object you have just created and select Download Authentication Package.

    You need W (Write) permissions for the Agent object to be able to export the Authentication Package.

  4. Save the authentication package in a secure folder on the computer where the Agent runs.  

  5. In the Agent INI file:

    • In InitialPackage= ([AUTHORIZATION] section) enter the path and name of the Authentication Package.
  6. Start the Agent.

The Agent reads the Authentication Package file. Then it deletes the Authentication Package file. The Agent is now authenticated in the Automation Engine system.

Withdrawing the Agent Authentication

If you are applying the LOCAL or the LOCAL_REMOTE Authentication Method and you want to revoke the authentication of an Agent, you have the option to Withdraw Authentication:

  1. Log on to Client 0 and switch to the Administration perspective.
  2. Expand the Agents & Groups menu in the Administration pane and select Agents.

  3. Right-click the Agent and select Withdraw Authentication.

The Agent is disconnected and no longer authenticated.

See also: