The BeyondTrust integration is read-only and comes in the form of two plugins you can choose from: BeyondTrust Password Safe - Managed Accounts and BeyondTrust Password Safe - Team Passwords.
While BeyondTrust Password Safe - Managed Accounts addresses the needs of organizations with either local or Active Directory accounts, BeyondTrust Password Safe - Team Passwords is suitable in scenarios where the credentials of small groups must be stored in an isolated environment.
The configuration of the two plugins is mostly identical, but there are some slight differences as well. This page covers both plugins.
- A BeyondTrust Server Cloud instance or a similar on-premises installation
- Beyond Insight credentials
Log in to the BeyondTrust Server Cloud instance or a similar on-premises installation using your Beyond Insight credentials.
Create an API Registration for UiPath Group of Service Accounts.
- Create an Authentication Rule to allow incoming API connections from UiPath.
- Create a new Group for UiPath Service Account(s) and add the following features:
- Password Safe Account
- Password Safe Role
- You also need to assign Smart Rules:
- Managed Accounts/Read-Only/Requester are sufficient for regular User Requests
- For ISA access, Assets/ISA role is needed.
- Add the API Registration to the Group.
- Create a new User and assign the UiPath Group.
- The following steps vary based on whether you are using BeyondTrust Password Safe - Managed Accounts or BeyondTrust Password Safe - Team Passwords.
If you are using BeyondTrust Password Safe - Managed Accounts, continue with the following steps:
- Add your Managed Accounts under Managed Systems.
- Make sure to use API Enabled for your Managed Accounts.
If you are using BeyondTrust Password Safe - Team Passwords, continue with the following steps:
- Go to the Team Passwords page.
Optionally create a new Folder.
Select a Folder.
Use the Create New Credential option.
Updated 5 months ago