Blue Prism Integration

This guide covers how to install and use the BeyondTrust DevOps Secrets Safe VBO integration for Blue Prism.


The release includes a sample process that uses the DSS VBO with the Centrix Data Solutions sample application used for Blue Prism training. To run this sample process you must point the Centrix Data Solutions VBO to a path containing the Centrix executable on your system. The Centrix Data Solutions executable is available from Blue Prism University.

Install the Integration

Follow the steps below to install and configure the release.

  1. Import the release by right-clicking on Package Overview.

Blue Prism import release selection screenshot

  1. Navigate to the location of the .brelease file and follow the onscreen steps.

Blue Prism choose input file screenshot

  1. Once the release is imported, there is a Credentials object for DevOps Secrets Safe. You must store the API Key for the Blue Prism application inside it.

Beyond Trust Credential Object in Blue Prism security credentials screenshot.

  1. There is also a generic Web API Services object for BeyondTrust DevOps Secrets Safe.

Beyond Trust API Web Service object in Blue Prism

  1. The BeyondTrust DevOps Secrets Safe VBO is located under Objects.

BeyondTrust DevOps Secret Safe available under Objects in Blue Prism

  1. An example process, Centrix Data Solutions With DSS, uses the Centrix Data Solutions example from the Blue Prism tutorial, together with an associated VBO. This is included to demonstrate how to use the BeyondTrust DevOps Secrets Safe VBO.

Location of Beyond Trust sample process in Blue Prism.

  1. The VBO Object for DevOps Secrets Safe shows the following under the Inputs tab:
    • Application Name: The name of the application as created and authorized in DSS.
    • Api Key: Generated by DSS when application for Blue Prism is created. Stored in Blue Prism Credential object.
    • Secret uri: The secret that contains the password to check out.
    • ssServer: The DNS resolvable server name for DSS.

Screen shot of data displayed under the inputs tab.

  1. The single output parameter is the returned password that must be stored in the Password Data item.

Screen short of data displayed under the outputs tab.

  1. HTTP errors display if an error is encountered.
    • For authentication:
      • 200: Successful
      • 400: Invalid request
      • 401: Failed to authenticate
      • 403: The system is sealed and must be unsealed, or DSS has rejected the request due to a safelist denial.
    • For check out:
      • 200: Success
      • 401: The user is not authorized
      • 403: The system is sealed
      • 404: The secret or scope is not found

For more information on how to authorize the application to read the intended secret, see the DevOps Secrets Safe Getting Started guide .