Configure Thycotic Secret Server for Integration with BeyondTrust Privileged Remote Access
You must purchase this integration separately from both your BeyondTrust Privileged Remote Access and Privileged Identity solutions. For more information, contact BeyondTrust sales.
Sign into Secret Server as an administrative user.
Create API Account
- Under Admin > Users, click Create New to create a local user for API calls.
- If the API account is the only local account, it is recommended to disable local user password expiration so the ECM plugin integration does not break each time the password expires or changes. This setting is found under Admin > Configuration > Local User Passwords.
- Under Admin > Roles, edit the role in which the API account is a member (typically the User role). Click the role name in the list to view it, and then click the Edit button at the bottom of the page below the Permissions list.
- Ensure that the permission Web Services Impersonate (sometimes listed as just Impersonate) is added to the Permissions Assigned list.
- Click Save to update the role permissions.
Enable Web Services
- Under Admin > Configuration, select the General tab.
- In the Application Settings section, ensure the Enable Webservices setting is set to Yes.
- If not already enabled, click Edit at the bottom of the page, check the box to enable the services, and save the settings.