Configure Bomgar Privileged Access for Integration with Thycotic Secret Server


You must purchase this integration separately from both your Bomgar software and your Thycotic Secret Server solution. For more information, contact Bomgar sales.

Several configuration changes are necessary on the Bomgar Appliance to integrate with Secret Server.

All of the steps in this section take place in the Bomgar /login administrative interface. Access your Bomgar interface by going to the hostname of your Bomgar Appliance followed by /login (e.g.,

Create an API Service Account - Bomgar 16.1 and Earlier

The API user account is used from within the integration to make Bomgar Command API calls to Bomgar.

  1. Go to /login > Users & Security > Users.
  2. Click Create New User and name it Integration or something similar.
  3. Leave Must Reset Password at Next Login unchecked.
  4. Set Password Expires On to Never Expires.
  5. Check Administrator.
  6. Scroll to the bottom and save the account.

Create an API Service Account - Bomgar 16.2 and Later

Management > API
API :: Accounts

  1. Go to Management > API Configuration and create a new API account.


API :: Account :: Edit

  1. Under Permissions, check Full Access to the Command API.
  2. For the Reporting API, check Allow Access to Support Session Reports and Recordings and Allow Access to Presentation Session Reports and Recordings. Also be sure to copy the values for both the OAuth Client ID and OAuth Client Secret for use in a later step.


  1. Click Add API Account to create the account.

Allow ECM Connections

PA 17.1 and Later

API :: Account :: Edit

  1. Go to /login > Management > API Configuration.
  2. Add or edit an API account.
  3. For Endpoint Credential Manager API, check Allow Access.


Prior to PA 17.1

Security :: Options :: Allow Endpoint Credential Manager Connections

  1. Go to Management > Security.
  2. Ensure the box Allow Endpoint Credential Manager Connections is checked.