BeyondTrust Integration

The BeyondTrust integration is read-only and comes in the form of two plugins you can choose from: BeyondTrust Password Safe - Managed Accounts and BeyondTrust Password Safe - Team Passwords.

While BeyondTrust Password Safe - Managed Accounts addresses the needs of organizations with either local or Active Directory accounts, BeyondTrust Password Safe - Team Passwords is suitable in scenarios where the credentials of small groups must be stored in an isolated environment.

The configuration of the two plugins is mostly identical, but there are some slight differences as well. This page covers both plugins.

Prerequisites

A BeyondTrust Server Cloud instance or a similar on-premises installation
Beyond Insight credentials

Configuring the Integration

Log in to the BeyondTrust Server Cloud instance or a similar on-premises installation using your Beyond Insight credentials.
Create an API Registration for UiPath Group of Service Accounts.
Create an Authentication Rule to allow incoming API connections from UiPath.
Create a new Group for UiPath Service Account(s) and add the following features:
- Password Safe Account
- Password Safe Role
You also need to assign Smart Rules:
- Managed Accounts/Read-Only/Requester are sufficient for regular User Requests
- For ISA access, Assets/ISA role is needed.
Add the API Registration to the Group.
Create a new User and assign the UiPath Group.
The following steps vary based on whether you are using BeyondTrust Password Safe - Managed Accounts or BeyondTrust Password Safe - Team Passwords.