BeyondTrust, formerly Bomgar, is a secure remote support application that allows technicians to login to customer devices, such as computers, phones, and tablets, to troubleshoot and manage issues. supports integration with the Remote Jump Client via the BeyondTrust Web Representative Console cloud browser version and the desktop-based Representative Console.

This section describes the initial administrator setup required to use the Bomgar integration. In brief, you will:

Enable BeyondTrust within to add the necessary background table and data structures.
Enter configuration details to enable communication between and BeyondTrust.
Add fields to the process table, typically Support Cases, to capture and hold data from BeyondTrust, including a custom action button to generate BeyondTrust Session Keys.

To integrate with BeyondTrustyou will need:

A licensed installation of the BeyondTrust Appliance and Representative Consoles. Each technician or support rep has a separate RC.
An administrator-level username and password to connect to the BeyondTrust Appliance.
The FQDN or IP address of your BeyondTrust Appliance.

Deploy and Configure the BeyondTrust Extension in

To complete the following steps, log in to your KB as an administrator.

Click the Setup gear in the top-right corner and go to Integration.
Under BeyondTrust Extension, click Deploy. It takes a few minutes for the system to add the BeyondTrust Session Details table.
When deployment is complete, the Deploy button is replaced with Configure BeyondTrust Extension.
Click Configure BeyondTrust Extension and enter the configuration details:
- BeyondTrust Appliance Host Name: Enter the FQDN/IP address, such as mycompany.beyondtrust.com.
- API User Name: Enter an admin-level BeyondTrust username to generate session keys and view reports.
- API User Password: Enter the admin user’s password.
- Confirm API User Password: Enter the password again to confirm.
- BeyondTrust Session Details Report Template: A report is generated after each individual support session based on this template. After completing a session, the report is available for download in the BeyondTrust Session Details table. As the wizard text suggests, there is a default report template that the system uses if this field is left blank, but you can upload a customized report.
Save changes.

Some special URL characters are reserved and can not be used in the password. For more information, see Percent Encoding.

BeyondTrust Session Details Table

Once you deploy and enable BeyondTrust in your KB, the system adds a BeyondTrust Session Details table. After a BeyondTrust session ends, the session information is sent to this table and the details are stored. If you don't create your own HTML report template, as mentioned above, then the reports are generated in the default report template format. By default, the system does include BeyondTrust sessions that were not launched from within your KB.

By default, the BeyondTrust Session Details table does not include BeyondTrust sessions that were launched from outside of your KB. To receive and process BeyondTrust events launched outside of the system, use the BeyondTrust Host Names or IP Addresses global variable to enter a comma-separated list of authorized host names or IP addresses.

User Setup Requirements

Technicians who will launch support sessions must exist as users in both BeyondTrust and for the system to confirm their identity and assign sessions.

One of the following requirements must be met:

The Username in BeyondTrust matches the Login in .
The Email Address in BeyondTrust matches the Email Address in .

To confirm user settings, log in to the BeyondTrust admin portal and create or edit a user on the Users & Security tab. Then confirm it matches the user record in :

Server Configuration in BeyondTrust Console

The BeyondTrust Admin Console requires the following configuration to enable to capture the events:

Login to your BeyondTrust appliance (example: mycompany.bomgar.com/login) as an admin user.
From the menu, click Management and then select Outbound Events.
Click Add New HTTP Recipient.

Choose a name and add the Server URL. The new parameter KB should match the name of the KB where the BeyondTrust Extension is enabled. If possible, use the domain name, such as example.agiloft.com, as the root of the URL, instead of the server hostname, such as ps108.agiloft.com. For example: https://example.agiloft.com/extension/bomgar/connect/bomgareventconnect?KB=[KB_NAME]

The KB parameter is mandatory in order to store details of BeyondTrust sessions which did not originate in

. In cases where BeyondTrust sessions are initiated from

, the parameter KB is optional and will not be used.

Finish the rest of the form according to your company policy and click Add Recipient.

Modify the Support Table

You will need to create a few fields in whichever table staff will work on tickets and launch BeyondTrust sessions, most commonly the Support Case or Helpdesk Case table.

The following fields are required:

BeyondTrust Session Key: Create a text or short text field to hold the Bomgar session pin.
Session Key Expiration: Create a date/time field to hold the Bomgar pin expiration.
BeyondTrust Session URL: Create a short text field to hold the session URL.
BeyondTrust Support Sessions: Create an embedded search result.
1. On the General tab, enter a Field Label and name. From the Table drop-down, select BeyondTrust Session Detail.
2. On the Permissions tab, chose the option to use a saved search. We recommend creating a search based on the current customer name, so support technicians can see all of the customer’s support sessions in the embedded table. Alternately, you might want to create a search that shows only support sessions related the current case by filtering on the logical table name and the case ID.
3. On the Display tab, choose or create a view to use. Include any fields you want to see in the Support Case or Helpdesk Case record. We recommend including the primary support technician, links to view the session recording and the session chat transcript, the start and end times, and the session status.
Generate BeyondTrust Key: Create an action button to generate the BeyondTrust session key. This button populates the session key, URL, and expiration, into the fields specified. Configuration of this action button also determines how support sessions are assigned in the BeyondTrust Appliance.
1. On the General tab of the field wizard, enter a Field label.
2. Check Execute Actions, then click Add Action.
3. In the pop-up window, click Create BeyondTrust Support Session Key Action.
4. In the action wizard:
  1. On the General tab, enter an action Name and Description.
  2. On the Session Key Generation tab, choose the three fields from the process table that hold the session key, URL, and session key expiration.
  3. On the Support Session Assignment tab, select the fields holding the customer’s name and email address. Then choose an assignment policy. In most situations, we recommend assigning sessions to the logged in power user. See below for a detailed explanation of assignment options in Assigning Support Sessions.

There is one more recommended field that isn't required:

Email BeyondTrust Session Key: Create an action button to email the session pin to the customer. This field is not required, since there are several ways to configure an email action or to share the URL and session key with a customer. Below is our recommended setup:
1. On the General tab of the field wizard, enter a Field label for the button.
2. Check Execute Actions and click Add Action.
3. In the action wizard, click Create If-Then-Else Action.
  1. On the General tab, give the action a name.
  2. Before creating the email action, we’ll check that the session key is not expired. Click Add If to begin. In the pop-up filter window, click Time. Choose the appropriate options to find session key expiration times greater than one minute old.
  3. Click Finish to return to the If-then-else wizard.
  4. Click Add Action and create a Validate Action to warn the support technician if the key is expired. Your message will say something like “The session key is expired, please generate a new key.” Click Finish to return to the If-then-else wizard.
  5. Click Add Else, then create an Email Action that sends the PIN and URL to the support customer. You can modify an existing email template or create a new one to use. Be sure to include field variables in the template to display the URL and session key fields. The completed If-then-else action will look similar to:
4. Finish and save the action and field wizards.
Instead of using the email key action button, you may share the key and URL by phone, IM, or email.

Assign Support Sessions

The action button setup determines how the session for which the key and URL are generated is assigned. You can assign BeyondTrust sessions to the:

Logged in power user: The technician who clicks the Generate BeyondTrust Session Key and URL button.
User identified in the field specified below: Use this option to assign the session to a user field in the record, typically the Assigned Person.
Team identified in the field specified below: Use this option to assign the session to an entire team. Any logged in member of the team will be able to accept the session in the BeyondTrust console. In this case, you will typically choose the Assigned Team field.
Assign session to the general queue: With this option, any representative logged into BeyondTrust can accept the session. To use this option, you must log in to the BeyondTrust Administrative Interface, go to Configuration > Options, and check the box to Enable the General Queue.
Specific team or representative name in the field specified below: This option allows you to assign a support session to a user known only in BeyondTrust. You will need another field to hold the custom value. The technician enters the value of a known Bomgar representative or team into the field before clicking the Generate Session Key action button.

Layout and Permissions

Once you have finished adding these fields, add them to the layout and set up permissions. You can arrange the layout according to your needs. The following permissions are minimally required for support reps:

view access to the BeyondTrust Session Details table.
view own/other permission to fields in the BeyondTrust Session Details table, i.e., the fields which appear in the embedded search result field.
view own/other permission to the relevant BeyondTrust fields and action buttons in the support table.

You may wish to give additional view permissions to customers, such as the ability to view or download the session’s chat transcripts.

Initiate a BeyondTrust Remote Support Session

To launch a BeyondTrust support session from the KB, a technician must:

Log into the KB and the BeyondTrust Representative Console.
Open a support case in , often on the phone with a customer.
Click the Generate BeyondTrust Session Key and URL action button, and confirm the Session Key, Session URL, and other fields have populated correctly.
Send the session key and URL to the customer via action button, phone, chat, IM, or email.
Accept the session in the BeyondTrust Console after the customer receives the key and begins the session.

Note: Technicians must end the session from the BeyondTrust Representative Console to send the details back to .

View Session Details

To view the details of a BeyondTrust session, click on the View Details link from the embedded table in the record. You can also view the details directly from the session record in the BeyondTrust Session Details table or in the BeyondTrust interface itself. Chat and session detail records remain on the BeyondTrust server for 90 days.

Launch BeyondTrust Session from a Jump Client

By enabling the proper script, it is possible for a support representative to launch a BeyondTrust session to a Jump Client that has been pinned from within . Note that the process will be different depending on whether you are accessing the desktop client, or the desktop or cloud versions of the BeyondTrust Web Representative Console. Customers can use both the cloud and desktop version of the Representative Console in a KB, by adding actions for the LaunchBomgarJumpClientSession.jar and the LaunchBomgarJumpClientCloudSession.jar.

To set up this functionality within a BeyondTrust-enabled KB:

Bomgar_jump_client_search_criteria: In either the Support Cases or Helpdesk Cases tables, create a Short Text field named bomgar_jump_client_search_criteria. Add the field to the Layout.
Launch BeyondTrust Session for Jump Client: Create an action button with a Script Action.

Label your button: Launch BeyondTrust Session for Jump Client.
In the Before Executing Actions section, select Save Record.
Select Open a URL Provided By and choose Action.

Create a Script Action. If the script is for the BeyondTrust Desktop Representative Console application to provide remote support via a BeyondTrust Jump Client session:

Under Action Name write: LaunchBomgarJumpClientSession.jar. Click Finish.

For this to work, the LaunchBomgarJumpClientSession.jar file must be available under the Scripts directory of the KB. To add the file to the directory, contact customer support and ask the representative to upload file attached below to the correct location. The path will be specified in the corresponding Script Action wizard.

Select your new action and click Finish again.

If the script is for the BeyondTrust Cloud Representative Console from the web browser to provide remote support via a BeyondTrust Jump Client session:

Under Action Name write: LaunchBomgarJumpClientCloudSession.jar. Click Finish.

For this to work, the LaunchBomgarJumpClientCloudSession.jar file must be available under the Scripts directory of the KB. To add the file to the directory, contact customer support and ask the representative to upload file attached below to the correct location. The path will be specified in the corresponding Script Action wizard.

Leave the remaining default properties and save the action button.
Add it to the layout.
Save the layout.

Open a Jump Client in as a BeyondTrust Support Representative:

Within BeyondTrust, you can pin a Jump Client in the Representative Console. For more information, see here.

Log in to as a BeyondTrust Representative, and also log into the BeyondTrust Representative Console.
In the relevant record, enter a search string that matches the Jump Client. This can be a substring of the value in the Name or Comment field in the BeyondTrust Console.
Clicking the Action Button in the browser will either download a file from the Bomgar server, which you can double-click to launch, or it will download and automatically launch a file from your BeyondTrust server.
When launched, this file automatically starts a new BeyondTrust session.