# Sherpa RPA Deployment Diagram The deployment diagram of Sherpa RPA managed by the Orchestrator looks as follows:
You can download it in good quality here: The diagram describes the implementation of high-level functionality that provides automation of business processes performed on user workstations and terminal servers through robotization (simulating user actions when working with information systems). After testing, the developers of the robotization scripts transfer the scripts to a centralized management tool – the Orchestrator. Business users on their workstations launch Attended automation scenarios (requiring interactive interaction between the robot or business process and the user) on demand. The launch is carried out by selecting a scenario from the list of installed scenarios on the workstation, pressing a hotkey, and scenarios can also be launched from the local Windows scheduler and at startup. The Orchestrator launches unattended robotization scenarios (executed in terminal server accounts without user participation) based on events or incoming data from the external environment (via API), by command from the robot or business user, or according to a schedule. Robots of both types exchange logs, tasks from queues, centrally stored credentials, and shared data with the Orchestrator. During the execution of the scenario, the robot achieves the set tasks by simulating user actions (including actions with the mouse and keyboard) in the user interfaces of desktop applications, web applications (executed in the browser), as well as by interacting with the operating system and installed applications and web services using various software APIs. The robot's access level to information systems and client contours is limited and determined by the access level of the user account under which the robot performs the actions described in the scenario. For unattended robots, it is recommended to create dedicated accounts with access levels, rights, and roles defined by the business task being solved by this robot. All components of Sherpa RPA are installed locally in the Customer's network, without connection to external servers or SaaS services. The possibility and necessity for platform components to access internal and external systems are determined by the task being solved within the business process. The deployment of the developer's workstation, attended and unattended robot workstations is carried out manually using the appropriate exe installers or automatically using an msi installer with the GPO mechanism. The installation of the Sherpa Coordinator Service is performed in the administrator account of the terminal server using an exe installer. By default, the deployment of Sherpa Orchestrator is carried out using a Docker container. ## **Authentication Mechanisms** Authentication of Sherpa Attended Robot, Sherpa Unattended Robot, and Sherpa Coordinator in the Orchestrator is carried out using a Bearer Token, passed in the request headers. The Bearer Token is matched with the unique GUID of each instance of Sherpa Attended Robot, Sherpa Unattended Robot, and Sherpa Coordinator. For authenticating users of the Orchestrator web interface, authorization is performed using a username-password pair. A session cookie with a limited lifespan is used for re-login. ## **Logging** Monolog is used for logging. Audit events and system errors are saved in a dedicated database table.