BeyondTrust logo

BeyondTrust

BeyondTrust is a cybersecurity company specializing in privileged access management (PAM) and vulnerability management solutions. Their products help organizations prevent data breaches, malware attacks, and insider threats by identifying and controlling the access of privileged users, accounts, and credentials across the enterprise.

1 APIs 8 Features
AccessAccess ManagementComplianceCredentialsPrivileged AccessSecuritySecretsZero Trust

APIs

BeyondTrust Password Safe API

The BeyondTrust Password Safe API provides programmatic access to privileged credential management, secrets management, session management, and access request workflows. It enab...

Features

Privileged Password Management

Automatically discover, manage, and rotate passwords for privileged accounts across systems.

Just-In-Time Privileged Access

Grant time-limited, approval-based access to privileged accounts minimizing standing privileges.

Secrets Safe

Store, manage, and retrieve application secrets, API keys, and credentials securely.

Session Management

Record, monitor, and control privileged remote sessions for audit and compliance.

Endpoint Privilege Management

Remove admin rights from endpoints while allowing approved applications to run.

Privileged Remote Access

Provide secure remote access to privileged systems without VPN or exposed credentials.

Vulnerability Management

Identify and prioritize vulnerabilities across the attack surface.

AD Bridge

Extend Active Directory authentication and group policies to Unix and Linux systems.

Use Cases

Zero Standing Privileges

Eliminate persistent privileged access by granting just-in-time credentials on demand.

DevOps Secrets Management

Retrieve credentials and secrets programmatically in CI/CD pipelines without hardcoded credentials.

Privileged Account Discovery

Automatically discover and on-board all privileged accounts across hybrid environments.

Compliance Reporting

Generate audit trails for all privileged access to meet SOX, PCI-DSS, and HIPAA requirements.

Ransomware Prevention

Prevent lateral movement by removing local admin rights and controlling privileged access.

Third-Party Vendor Access

Grant temporary, monitored access to vendors and contractors without sharing credentials.

Integrations

ServiceNow

Integrate access requests with ServiceNow ITSM workflows for approval management.

Active Directory

Sync users, groups, and managed accounts from Active Directory.

AWS

Manage privileged access to AWS IAM roles and EC2 instances.

Azure

Integrate with Azure Active Directory and manage Azure privileged identities.

HashiCorp Vault

Bridge BeyondTrust and HashiCorp Vault for secrets management.

Splunk

Forward audit logs and session recordings to Splunk for SIEM analysis.

Terraform

Manage BeyondTrust Password Safe resources as infrastructure as code.

Semantic Vocabularies

Beyondtrust Context

13 classes · 37 properties

JSON-LD

API Governance Rules

BeyondTrust API Rules

23 rules · 10 errors 11 warnings 2 info

SPECTRAL

Resources

🔗
LinkedIn
LinkedIn
🌐
Portal
Portal
🚀
GettingStarted
GettingStarted
👥
GitHubOrganization
GitHubOrganization
🔗
SpectralRules
SpectralRules
🔗
Vocabulary
Vocabulary
🔗
LLMsTxt
LLMsTxt

Sources

Raw ↑ 
aid: beyondtrust
url: https://raw.githubusercontent.com/api-evangelist/beyondtrust/refs/heads/main/apis.yml
apis:
- aid: beyondtrust:beyondtrust-password-safe-api
  name: BeyondTrust Password Safe API
  tags:
  - Privileged Access Management
  - Secrets Management
  - Security
  - Zero Trust
  - Credentials
  humanURL: https://docs.beyondtrust.com/
  baseURL: https://{host}/BeyondTrust/api/public/v3
  properties:
  - url: https://docs.beyondtrust.com/
    type: Documentation
  - url: https://raw.githubusercontent.com/api-evangelist/beyondtrust/refs/heads/main/openapi/beyondtrust-password-safe-api.yaml
    type: OpenAPI
  - type: NaftikoCapability
    url: capabilities/password-safe-authentication.yaml
  - type: NaftikoCapability
    url: capabilities/password-safe-credentials.yaml
  - type: NaftikoCapability
    url: capabilities/password-safe-managed-accounts.yaml
  - type: NaftikoCapability
    url: capabilities/password-safe-managed-systems.yaml
  - type: NaftikoCapability
    url: capabilities/password-safe-requests.yaml
  - type: NaftikoCapability
    url: capabilities/password-safe-secrets.yaml
  description: The BeyondTrust Password Safe API provides programmatic access to privileged credential management, secrets
    management, session management, and access request workflows. It enables organizations to implement just-in-time privileged
    access and integrate credential retrieval into automation pipelines and DevOps workflows.
name: BeyondTrust
tags:
- Access
- Access Management
- Compliance
- Credentials
- Privileged Access
- Security
- Secrets
- Zero Trust
kind: contract
image: https://kinlane-productions.s3.amazonaws.com/apis-json/apis-json-logo.jpg
access: 3rd-Party
created: '2025-02-17'
modified: '2026-05-19'
position: Consuming
description: BeyondTrust is a cybersecurity company specializing in privileged access management (PAM) and vulnerability management
  solutions. Their products help organizations prevent data breaches, malware attacks, and insider threats by identifying
  and controlling the access of privileged users, accounts, and credentials across the enterprise.
common:
- type: LinkedIn
  url: https://www.linkedin.com/company/beyondtrust
- type: Portal
  url: https://docs.beyondtrust.com/
- type: GettingStarted
  url: https://docs.beyondtrust.com/
- type: GitHubOrganization
  url: https://github.com/BeyondTrust
- type: SpectralRules
  url: https://raw.githubusercontent.com/api-evangelist/beyondtrust/refs/heads/main/rules/beyondtrust-spectral-rules.yml
- type: Vocabulary
  url: https://raw.githubusercontent.com/api-evangelist/beyondtrust/refs/heads/main/vocabulary/beyondtrust-vocabulary.yaml
- type: Features
  data:
  - name: Privileged Password Management
    description: Automatically discover, manage, and rotate passwords for privileged accounts across systems.
  - name: Just-In-Time Privileged Access
    description: Grant time-limited, approval-based access to privileged accounts minimizing standing privileges.
  - name: Secrets Safe
    description: Store, manage, and retrieve application secrets, API keys, and credentials securely.
  - name: Session Management
    description: Record, monitor, and control privileged remote sessions for audit and compliance.
  - name: Endpoint Privilege Management
    description: Remove admin rights from endpoints while allowing approved applications to run.
  - name: Privileged Remote Access
    description: Provide secure remote access to privileged systems without VPN or exposed credentials.
  - name: Vulnerability Management
    description: Identify and prioritize vulnerabilities across the attack surface.
  - name: AD Bridge
    description: Extend Active Directory authentication and group policies to Unix and Linux systems.
- type: UseCases
  data:
  - name: Zero Standing Privileges
    description: Eliminate persistent privileged access by granting just-in-time credentials on demand.
  - name: DevOps Secrets Management
    description: Retrieve credentials and secrets programmatically in CI/CD pipelines without hardcoded credentials.
  - name: Privileged Account Discovery
    description: Automatically discover and on-board all privileged accounts across hybrid environments.
  - name: Compliance Reporting
    description: Generate audit trails for all privileged access to meet SOX, PCI-DSS, and HIPAA requirements.
  - name: Ransomware Prevention
    description: Prevent lateral movement by removing local admin rights and controlling privileged access.
  - name: Third-Party Vendor Access
    description: Grant temporary, monitored access to vendors and contractors without sharing credentials.
- type: Integrations
  data:
  - name: ServiceNow
    description: Integrate access requests with ServiceNow ITSM workflows for approval management.
  - name: Active Directory
    description: Sync users, groups, and managed accounts from Active Directory.
  - name: AWS
    description: Manage privileged access to AWS IAM roles and EC2 instances.
  - name: Azure
    description: Integrate with Azure Active Directory and manage Azure privileged identities.
  - name: HashiCorp Vault
    description: Bridge BeyondTrust and HashiCorp Vault for secrets management.
  - name: Splunk
    description: Forward audit logs and session recordings to Splunk for SIEM analysis.
  - name: Terraform
    description: Manage BeyondTrust Password Safe resources as infrastructure as code.
- type: LLMsTxt
  url: https://docs.beyondtrust.com/llms.txt
maintainers:
- FN: Kin Lane
  email: [email protected]
specificationVersion: '0.19'