DocumentationRelease Notes
Log In
Documentation

Configuration: OAuth authentication for agents

Suggest Edits

Configure OAuth authentication for agents with installer activation keys

Use installer activation keys to leverage OAuth authentication when configuring:

  • Endpoint Privilege Management (EPM) agents that support OAuth communications.
  • Discovery Scanner event client and central policy.

A maximum of 10 installer activation keys can be present at any one time, including the system generated key. Keys can be deleted and new ones can be created as long as no more than 10 keys exist at once.

  1. From the left sidebar, click Configuration.
  2. Under Authentication Management, click Installer Activation Keys.
  3. To use the key generated by the system:
    • Select System Generated Key.
    • Select an Installer Type: Discovery Agent or Endpoint Privilege Management Agent.
    • Copy the installation command, make any necessary edits, and use it when deploying the agent.
  4. To create a new installer key:
    • Click Create New Installer Activation Key +.
    • Enter a name for the key.
    • Click Create Activation Key.
    • Select an Installer Type: Discovery Agent or Endpoint Privilege Management Agent.
    • Copy the installation command, make any necessary edits, and use it when deploying the agent.

When creating an installer activation key for Endpoint Privilege Management:

  • Confirm the exact file name of the MSI (x86 vs x64).
  • Include BEYONDINSIGHTCERTNAME="" if they differ from PS Cloud Authentication.

ℹ️

Note

Once the endpoint communication is established with BeyondInsight, the activation key is no longer required. We recommend deleting it.

If you delete the key and an endpoint stops working and must be reconfigured, create a new installer activation key before uninstalling and reinstalling the client.

Activation keys and IDs are stored in the credential vault. When upgrading the endpoint in the future, the values are not required.

For example, if you initially run the Endpoint Privilege Management install using this command:

msiexec.exe /I PriviliegeManagementForWindows.msi /qn /norestart BI_MODE=1 BEYONDINSIGHTURL=”test” ActivationId=”test” ActivationKey=”test”

Then run the upgrade using this command:

msiexec.exe /I PriviliegeManagementForWindows.msi /qn /norestart BI_MODE=1 BEYONDINSIGHTURL=”test”

Updated 5 days ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.