Log in to the PRA Administrative Interface


The user administrative interface enables administrators to create user accounts and configure software settings. Log in to the user administrative interface by going to your B Series Appliance's URL followed by /login.

Although your B Series Appliance's URL can be any registered DNS, it is most likely a subdomain of your company's primary domain, for example, access.example.com/login.

Default Username: admin

Default Password: password

For security purposes, the administrative username and password used for the /appliance interface are distinct from those used for the /login interface and must be managed separately.

When logging into the administrative interface for the first time, BeyondTrust Cloud administrators are required to click through and accept the BeyondTrust EULA.

If two-factor authentication is enabled for your account, enter the code from the authenticator app.

If more than one language is enabled for your site, select the language you want to use from the dropdown menu.

You can also change the language of your choice after you login to the admin site.

For more information, please see Log into the PRA Access Console.

Use Passwordless Login

FIDO2-certified authenticators can be used to securely log in to the desktop access console, privileged web access console, and the /login administrative interface without entering your password. You can register up to 10 authenticators.

If passwordless login has been enabled, Authenticate Using may default to Passwordless FIDO2, or it can be selected. The exact process for passwordless login depends on the type of device and manufacturer.

You can enable passwordless login and set the default authentication after logging into the /login administrative interface, by navigating to Management > Security, and then registering passwordless authenticators at My Account > Security. Administrators can view and manage passwordless login registration and usage at Users & Security > Users > Passwordless Authenticators

Passwordless login for the desktop access console on macOS or Linux systems is supported only for roaming authenticators (such as the YubiKey hardware security keys). Platform or integrated authenticators (such as Face ID and fingerprint scanners) are not supported for the desktop access console login when using macOS or Linux systems.

Use Integrated Browser Authentication

If Kerberos has been properly configured for single sign-on, you can click the link to use integrated browser authentication, allowing you to enter directly into the web interface without requiring you to enter your credentials.

Forgot your password?

If password reset has been enabled from the /login > Management > Security page and the SMTP server has been set up for your site, this link is visible. To reset your password, click the link, enter and confirm your email address, and then click Send. If there is more than one user sharing the same email address, you are required to confirm your username. You will receive an email with a link that takes you back to the login page. On the login screen, enter and confirm your new password, and then click Change Password.

Login Agreement

Administrators may restrict access to the login screen by enabling a prerequisite login agreement that must be confirmed before the login screen is displayed. The login agreement can be enabled and customized from the /login > Management > Site Configuration page.