Configure the Secure Remote Access Appliance for Integration with Password Safe

Minimal configuration is necessary on the BeyondTrust Secure Remote Access Appliance, as follows:

Create an OAuth API Account

Create an API account to be used within Password Safe to make command API calls to the Secure Remote Access Appliance.

Screenshot of the Add Button on the API Configuration page in Privileged Remote Access /login.

  1. Navigate to /login > Management > API Configuration.
  2. Click Add.


Add an API Account in /login

  1. Check Enabled.
  2. Enter a name for the account.
  3. Copy the OAuth Client ID and OAuth Client Secret, as these are required when configuring the Secure Remote Access connection settings in Password Safe.
  4. Set the following Permissions:
    • Command API: Full Access.
    • Reporting API: Allow Access to Access Session Reports and Recordings.
    • Endpoint Credential Manager API: Allow Access.
      • If ECM groups are enabled on the site, select which ECM Group to use. ECMs that are not associated with a group come under Default.
The ECM Group feature is only present if enabled when your site is built. If it is not present, please contact your site administrator.
  1. Click Save to create the account.