DocumentationRelease Notes
Log In
Documentation

Blue Prism

Suggest Edits

Blue Prism is a global leader in intelligent enterprise automation, improving how employees work. Blue Prism helps organizations enhance operational efficiency by enabling users to automate tasks.

This guide covers how to use Password Safe as the central repository for just-in-time access to credentials in Blue Prism processes for automation.

Password Safe provides a secure, flexible, and scalable credential provider for Blue Prism. With the additional support for Secrets Safe, organizations can provide Blue Prism users with the flexibility they need, while aligning with best practices when it comes to the protection and governance of privileged accounts.

ℹ️

Note

For more information on obtaining the integration, see Blue Prism Digital Exchange.

Create and configure the Blue Prism service account

  1. Create an API registration for Blue Prism.
  2. Add IP rules to give the Blue Prism service account access to the Password Safe API interface.
  3. Under Configuration > User Management, create a group for the service account, and assign the API registration to the group.
  4. Create a user to add to the group. For example, svc_blueprism.

ℹ️

Note

Permissions are always assigned to a group in Password Safe.

  1. To create an access policy, go to Configuration > Privileged Access Management Policies > Access Policies.

Password Safe user requests

Configure the group with the Requestor role.

  1. Add one or more managed account Smart Groups to the newly created group.
  2. Add the Password Safe Requestor role and the access policy for Blue Prism.
  3. Populate the Blue Prism inputs with the following:
    • Base URL
    • API key
    • Run As service account name
    • Managed System and Managed Account names, and Managed Account type.

Password Safe ISA (Info Sec Admin) requests

Configure the Blue Prism group with the Password Safe ISA role.

  1. For the group, add the Information security administrator role for one or more assets Smart Groups.
  2. In Blue Prism, populate the following:
    • Base URL
    • API key
    • Run As service account name
    • Managed System
    • Managed Account name
    • Managed Account type

Password Safe Secrets Safe requests

Configure the Blue Prism group with the Secrets Safe (formerly, Team Passwords) role.

ℹ️

Note

When the Password Safe and Blue Prism integration was initially set up, the feature was called Team Passwords. The feature name has since changed to Secrets Safe. The screen captures in this guide show Team Passwords.

  1. For the group, add the feature called Secrets Safe, with Read only permission.
  2. Using the process example (shown in the screen capture), provide inputs for the following:
    • Base URL
    • API key
    • Run As service account name
    • Folder name
    • Credential name

Updated 6 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.