Skip to main content

PM Cloud, API PolicyEditor limitation.

  • January 26, 2026
  • 2 replies
  • 28 views
J
Forum|alt.badge.img+4

Hey All.

I’ve been working with the API for PM Cloud.
Thanks to BT for making the Policy Editing API available for PM Cloud — it works great in this first iteration, but we do need some tweaks 🤔
I’ve created a ticket with BeyondTrust because I ran into a limitation and would like to hear everyone’s thoughts.
When creating applications through the API, we are limited to using “Product Description” as the unique identifier. This prevents us from uploading applications when multiple apps share the same Product Description, even though the File Name, SHA‑256, Product Name, Publisher, etc. are different. See the sample highlighted in purple below.

Upload sample

My view is that the only criterion that can guarantee a 100% certain duplicate is the SHA‑256 value. We need some additional logic to determine what should be classified as a duplicate. For example, if the File Name, Product Name, Product Description, and Publisher are the same for executables, but the versions differ, we could still classify them as duplicates.
Without using Product Description, we can create as many duplicates as we want, and the API won’t complain.
I’d love to hear your thoughts if you’ve worked with the PM Cloud API and adding application to your EPM policy.

BlacoUpload.xml is a EPM Policy file with allowed duplicates
Duplcate Issue.PDF is the ticket
SuccessCreation.csv is a sample that uploaded creating the BlacoUpload.xml from.

Kind regards
Jens

    2 replies

    J
    BeyondTrust Employee
    • jchandler
    • BeyondTrust Employee
    • January 28, 2026

    Hello ​@Jens Hansen 

    If you have not opened an Idea for this product enhancement please open a  feature request in the Ideas Portal. Navigate to the BeyondTrust Okta homepage using the appropriate credentials to sign in. Once logged in, access the Ideas tile and create a request to submit for review by Product Management.

     

    Regards,

    John

      J
      Forum|alt.badge.img+4
      • Jens Hansen
      • Author
      • Guru
      • January 28, 2026

      Hello ​@Jens Hansen 

      If you have not opened an Idea for this product enhancement please open a  feature request in the Ideas Portal. Navigate to the BeyondTrust Okta homepage using the appropriate credentials to sign in. Once logged in, access the Ideas tile and create a request to submit for review by Product Management.

       

      Regards,

      John

      Hi John,

      I created a ticket with support for it, as I think using the “Product Description” as the lone criterion for identifying a duplicate is plane wrong, I just wanted a debate from others to what should justify a duplicate application.

      The ticket I created is with qa/dev for review and sounds like they are planning to make some changes.

      This is on the grey line for “designed” as is, but in my view it is just poor design using just the “Product Description” for unique value for duplicate apps, especially while we can allow duplicates by just deleting the “Product Description” Criterion leaving tons of real duplicates. A logic need to be created for what justifies a duplicate. The lone Criterion that should be allowed for a 100% sure duplicate is SHA-256

      Kind regards
      Jens

      Badge Earners

      • Core Concepts - Identity Insights
        DanielleShas earned the badge Core Concepts - Identity Insights
      • 10 Courses Completed - Insights
        DanielleShas earned the badge 10 Courses Completed - Insights
      • BCSE: Password Safe
        thanchanokhas earned the badge BCSE: Password Safe
      • BCIE: Endpoint Privilege Management - Windows
        TheGianthas earned the badge BCIE: Endpoint Privilege Management - Windows
      • BCA: Privileged Remote Access
        DQ2has earned the badge BCA: Privileged Remote Access
      Show all badges
      Terms & ConditionsCookie settingsAccessibility statement