BeyondTrust · Capability

BeyondTrust Privileged Access Management

Unified privileged access management workflow combining Password Safe credential management, access request workflows, and secrets management. Used by security engineers and DevOps teams to manage just-in-time privileged access and secrets retrieval for automated pipelines.

Run with Naftiko BeyondTrustPrivileged Access ManagementZero TrustSecrets ManagementJust In Time Access

What You Can Do

GET

List managed accounts — List managed accounts

/v1/managed-accounts

GET

List managed systems — List managed systems

/v1/managed-systems

GET

List requests — List access requests

/v1/requests

POST

Create request — Create an access request

/v1/requests

GET

Get request credentials — Get credentials for approved request

/v1/requests/{requestId}/credentials

GET

List secrets — List secrets

/v1/secrets

POST

Create secret — Create a new secret

/v1/secrets

GET

Get secret — Get a secret value

/v1/secrets/{id}

DELETE

Delete secret — Delete a secret

/v1/secrets/{id}

MCP Tools

list-managed-accounts

List privileged accounts available for just-in-time access

read-only

list-managed-systems

List systems registered in Password Safe

read-only

list-requests

List all active privileged access requests

read-only

create-request

Create a just-in-time access request for a privileged account

get-request-credentials

Retrieve credentials for an approved privileged access request

read-only

list-secrets

List secrets stored in BeyondTrust Secrets Safe

read-only

get-secret

Retrieve a specific secret value from Secrets Safe

read-only

create-secret

Store a new secret in Secrets Safe

delete-request

Cancel and delete an access request

idempotent

Who This Is For

👤

Security Engineer

Security team member managing privileged access policies and requests

👤

DevOps Engineer

DevOps engineer retrieving secrets and credentials for CI/CD pipelines

APIs Used

beyondtrust