RPA encrypts usernames and passwords and stores them in the central database. Credentials can be updated without changing the source code, and RPA Designer processes Get Username and Password from the database and Set Secure Text to decrypt the encrypted data as needed.
In addition, each robot instance has its own credentials. Credentials are mapped to the client and any associated applications in Hyland RPA Manager. The credentials stored in the database are then immediately asymmetrically encrypted (4096 length) with the robot's public key.
When programming the bot, different systems are opened using application activities, and credentials are loaded within each activity. Hyland implements a granular approach to credential distribution, and each system can be separated into multiple applications with their own identity. For example, applications such as SAP FI and SAP MM have unique identities. This approach allows customers to automate processes where Segregation of Duty is an audit requirement.
For production systems, we recommend that the application system adds the credentials directly to the system, rather than having the user add the credentials.