Skip to main content

         This documentation site is for previous versions. Visit our new documentation site for current releases.      

Integration with Password Safe

Updated on October 19, 2022

Integrate with Password Safe, by adding the following items to your BeyondTrust implementation:

Assign applications to managed accounts to identify the way the credential is to be used. The following reserved application names are required:
  • RegistrationOperator
  • WindowsUser
  • RuntimeUser
An attribute type and attributes
Defines certain system behaviors. Set up an attribute named Pega to store system parameters. Use the following attributes, as needed, to customize how the system responds.
  • UseCurrentUserForCredStore — Forces requests made for credentials through the Credential Store component to use the logged-in user.
  • UseCurrentUserForASO — Forces requests made for credentials through the ASO Manager component to use the logged-in user.
  • NoRunasUserPassword — No password is required for Runas users. You typically include this attribute when the UseCurrentUserForCredStore or UseCurrentUserForASO attributes are in use.
API keys
Required for the integration to retrieve credentials. There must be at least one API key, but the best practice is to provision multiple API keys and provide a more granular level of access control.
User groups
Required to control access to credentials. You can use existing user groups if appropriate. In BeyondTrust, access to specific credentials is granted at the user-group level.
You can use Microsoft Active Directory users to authenticate ASO Manager and Credential Store requests. A user who belongs to a user group is required to retrieve credentials.
Assets are containers for managed accounts. Assets can be a computer or a container for a group of credentials for an application. The credential use case determines the proper type of container.
Managed accounts
The credential entries are stored as managed accounts.

You can use your preferred method for grouping managed accounts in BeyondTrust. For example, you can use Smart Groups or Quick Groups.

  • Previous topic Understanding how Robot Runtime retrieves credentials from BeyondTrust
  • Next topic Integration with Pega Access (Optional)

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best. is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us