Configure Privileged Remote Access for Integration with Password Safe

Minimal configuration is necessary on the BeyondTrust Appliance B Series, as follows:

Create an OAuth API Account

The Password Safe API account is used from within Password Safe to make Privileged Remote Access Command API calls to Privileged Remote Access.

Screenshot of the Add Button on the API Configuration page in Privileged Remote Access /login.

  1. In /login, navigate to Management > API Configuration.
  2. Click Add.


Screenshot of the Add an API Account page in Privileged Remote Access /login.

  1. Check Enabled.
  2. Enter a name for the account.
  3. OAuth Client ID and OAuth Client Secret are used during the OAuth configuration step in Password Safe.
  4. Set the following Permissions:
    • Command API: Full Access.
    • Reporting API: Allow Access to Access Session Reports and Recordings.
    • Endpoint Credential Manager API: Allow Access.
      • If ECM groups are enabled on the site, select which ECM Group to use. ECMs that are not associated with a group come under Default.
The ECM Group feature is only present if enabled when your site is built. If it is not present, please contact your site administrator.
  1. Click Save at the top of the page to create the account.