Configure Thycotic Secret Server for Integration with BeyondTrust Privileged Remote Access

 

You must purchase this integration separately from both your BeyondTrust Privileged Remote Access and Privileged Identity solutions. For more information, contact BeyondTrust sales.

Sign into Secret Server as an administrative user.

Create API Account

Admin > Users

  1. Under Admin > Users, click Create New to create a local user for API calls.

     

     

    Enable Local User Password Expiration

  2. If the API account is the only local account, it is recommended to disable local user password expiration so the ECM plugin integration does not break each time the password expires or changes. This setting is found under Admin > Configuration > Local User Passwords.

     

     

    Role Permissions

  3. Under Admin > Roles, edit the role in which the API account is a member (typically the User role). Click the role name in the list to view it, and then click the Edit button at the bottom of the page below the Permissions list.
  4. Ensure that the permission Web Services Impersonate (sometimes listed as just Impersonate) is added to the Permissions Assigned list.
  5. Click Save to update the role permissions.

 

Enable Web Services

Enable Webservices

  1. Under Admin > Configuration, select the General tab.
  2. In the Application Settings section, ensure the Enable Webservices setting is set to Yes.
  3. If not already enabled, click Edit at the bottom of the page, check the box to enable the services, and save the settings.