Authenticate to BeyondTrust Remote Support (Cloud)
Remote Support can be provisioned for locally defined user Remote Support accounts or can be integrated into existing authentication sources. For instance, a commonly integrated authentication source is Microsoft Active Directory. When using a directory such as this, all authentication follows the existing controls and processes in place for safeguarding user accounts.
Additional security providers are available that allow for representative authentication using Kerberos or SAML (for single sign-on) or using RADIUS (for multi-factor authentication). Each of these providers can be configured to use LDAP groups to set the permissions for the support representative, allowing you to map existing LDAP groups to support teams in Remote Support.
There are a large number of granular permissions that can be granted to support representatives. These permissions determine which features in Remote Support a representative has access to and can require end-user prompting so that the user receiving support must approve representative actions.