DocumentationRelease Notes
Log In
Documentation

PRIVILEGED WEB ACCESS CONSOLE USER GUIDE

Suggest Edits

What is the Privileged web access console?

With the BeyondTrust privileged web access console, Information and Cyber Security teams can grant privileged users secure remote access to critical systems, even when those users do not have the ability to install software within their own desktop environments. Instead, they can access endpoints through the web-based access console. This ensures that the necessary access can always be granted and enables system owners to meet business requirements, such as system up-time and any other internal or external regulations without compromising defenses put in place to protect their organization from any sort of malicious cyber threat.

Requirements

n the privileged web access console on your system, your B Series Appliance must be running software version 15.3 or higher. The privileged web access console is supported on the following platforms and browsers:

Platforms

  • Windows
  • Macintosh
  • Linux

Browsers

  • Chrome 46+
  • Firefox 42+
  • Internet Explorer 11+
  • Safari 8+
  • Windows Edge

⚠️

Important

Your B Series Appliance must be equipped with a valid SSL certificate signed by a certificate authority. Once you have applied a CA-signed SSL certificate to your B Series Appliance, contact BeyondTrust Technical Support. Your support representative will create a new software build that integrates your SSL certificate. With this updated build installed on your B Series Appliance, you can run the BeyondTrust access console on your device to access your endpoints from virtually anywhere.

How do I access he Privileged web access console?

The privileged web access console enables you to securely add, access, edit, and remove your endpoints by connecting to them remotely through the B Series Appliance. To begin accessing endpoints using the privileged web access console, launch the console as outlined below.

Launch the privileged web access console using /console

This is the quickest way to access the web console.

  1. In the address bar of your browser, enter your BeyondTrust site hostname followed by /console, for example, access.example.com/console.
  2. Enter the username and password associated with your BeyondTrust user account.
  3. Click Login to start your web-based access console session.

FIDO2-certified authenticators can be used to securely log in to the desktop access console, privileged web access console, and the /login administrative interface without entering your password. You can register up to 10 authenticators.

If passwordless login has been enabled, Authenticate Using may default to Passwordless FIDO2, or it can be selected. The exact process for passwordless login depends on the type of device and manufacturer.

You can enable passwordless login and set the default authentication after logging into the /login administrative interface, by navigating to Management > Security, and then registering passwordless authenticators at My Account > Security. Administrators can view and manage passwordless login registration and usage at Users & Security > Users > Passwordless Authenticators

ℹ️

Note

Passwordless login for the desktop access console on macOS or Linux systems is supported only for roaming authenticators (such as the YubiKey hardware security keys). Platform or integrated authenticators (such as Face ID and fingerprint scanners) are not supported for the desktop access console login when using macOS or Linux systems.

Launch the privileged web access console using /login

ℹ️

Note

By default, this option is not available. To launch the web console from the /login administrative interface, you must navigate to Management > Security and check Allow Mobile Access Console and Privileged Web Access Console to Connect.

  1. In the address bar of your browser, enter your BeyondTrust site hostname followed by /login, for example, access.example.com/login.

  2. Enter the username and password associated with your BeyondTrust user account, and click Login, or log in using passwordless authentication.

  3. Click Consoles & Downloads in the left menu, or click the user icon in the upper-right corner of the screen. The image below shows both options selected.

    Both options for logging into the web console.

  4. Click Launch Privileged Web Access Console on the Consoles & Downloads screen or on the user options window.

  5. The privileged web access console opens in a new tab, and you can begin working with endpoints.

To log out of the access console, click the user icon in the upper-right corner of the screen and click Log Out. This does not log you out of the /login administrative interface. To log out of the /login administrative interface, click the user icon in the upper-right corner of that screen and click Log Out.

Privileged web access console preferences

The language and color scheme options visible when the user icon is clicked in the /login administrative interface affect only that interface. To set preferences in the web access console, click the user icon in the upper-right corner of the web access console, and then click Preferences. Select your preferences in the pop-up window.

Select your preferred color scheme. You can switch between Light and Dark modes, or System, which uses whatever mode is selected for your system.

Select any of the automatic options you would like to use:

  • Automatically collapse the Session Queues panel when a session is selected.
  • Automatically collapse the Jump Groups panel when a Jump Item is selected.
  • Automatically open the chat sidebar in new sessions.
  • Automatically collapse the Volumes panel when a file is selected in the File Transfer view.

Download the desktop access console

While working in the privileged web access console, you can choose at any time to download the native desktop access console to your computer.

  1. To download the native desktop access console from the privileged web access console, select Desktop Access Console located under the Active menu in the top right corner of the screen.
  2. When the installer appears, follow the instructions to install the software.

ℹ️

Note

On a Linux system, you must save the file to your computer and then open it from its download location. Do not use the Open link that appears after downloading a file from some browsers.

Updated about 1 month ago

©2003-2025 BeyondTrust Corporation. All Rights Reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.