Reporting API

The reporting API is designed to enable you to pull reporting data in XML format, suitable for importing into external databases and applications. The data presented is the same as in the session reports of the /login administrative interface.

The reporting API is an authenticated API. For instructions on using authenticated APIs using OAuth, see Authenticate to the Privileged Remote Access API.

XML data is pulled by sending a simple HTTP request to the BeyondTrust Appliance. The request can be sent using any HTTPS-capable socket library, scripting language module, or a URL fetcher such as cURL or wget. Either GET or POST may be used as the request method.


When making consecutive API calls, you must close the connection after each API call.

The reporting API URL is

An XML schema which formally describes the format of the returned reporting data is available at

Required Parameter for Reporting API


The type of report to be generated. Report types can be any of the following:

AccessSession AccessSessionSummary
AccessSessionListing CommandShellRecording
AccessSessionRecording UserRecording

The reporting API returns XML responses that declare a namespace. If you are parsing these responses with a namespace-aware parser, you will need to set the namespace appropriately or ignore the namespace while parsing the XML.

  • Reporting API:

The above namespace is returned XML data and is not a functional URL.

Prior to 16.1, a user account was used to authenticate to the API, with the username and password being passed in the request. Starting with 16.1, this method has been deprecated and is not available to new users. Instead, one or more API accounts must be created, with their client IDs and client secrets used to generate OAuth tokens.

For users upgrading from a version prior to 16.1, the option to authenticate to the API with a user account is still available for backwards compatibility. However, it is highly recommended that you use the more secure OAuth method of authentication. If you are unable to switch to OAuth authentication, please follow the API request format described in our documentation archive.