Server logo

Self-hosted data source for Devolutions RDM

Centralize connections, credentials, and privileged access—without
sacrificing usability.

Server screenshot

Store RDM connections and credentials in Devolutions Server

Devolutions Server acts as a self-hosted data source, adding identity and access control to the Devolutions Remote Desktop Manager (RDM) experience technicians already know and trust.

RDM reads directly from Devolutions Server, allowing teams to work in RDM while Server securely manages data storage and security policies in the background.

Enable single sign-on for RDM by using Devolutions Server as the data source, backed by identity providers such as Microsoft Entra ID and Okta.

Enforce role-based access in RDM by defining roles, groups, and permissions in Devolutions Server; technicians only see and use the entries that match their responsibilities.

Allow RDM to access an offline cache of Devolutions Server data when enabled by administrators.

Open sessions with RDM with one-click credential injection using entries stored in Devolutions Server. No context-switching, no copy-pasting.

See Devolutions Server in action

Deploy PAM on-prem with Devolutions Server

When your organization is ready to go beyond remote connections and credential management, Devolutions Server integrates with Devolutions PAM to deliver self-hosted privileged access management. Discover privileged accounts, enforce checkout workflows, rotate passwords automatically, and record sessions without heavy infrastructure or long deployment projects.

Account discovery icon

Account discovery

Automatically discover privileged accounts from identity providers, and bring them under centralized governance to reduce risk and eliminate unmanaged credentials.

Automated password rotation icon

Automated password rotation

Apply automated rotation policies to privileged credentials to ensure passwords are changed regularly, reduce credential exposure, and meet security and compliance requirements without manual effort.

Devolutions Server and PAM integration diagram
Checkout and session access icon

Checkout, approval, and session access

Enforce just-in-time access to privileged accounts with request and approval workflows, secure session brokering through Devolutions Gateway, and full visibility into who accessed what, when, and why.

Monitoring and auditing icon

Monitoring and auditing

Record and review privileged sessions with detailed activity logs and audit trails to support investigations, demonstrate compliance, and satisfy regulatory requirements.

Centralized password management for your entire organization

Devolutions Server also functions as a self-hosted password manager for teams that need to share credentials safely. Replace spreadsheets and browser-saved passwords with structured vaults, policies, and auditing that scale with your workforce.
Flexible entry types
Flexible entry types
Store website logins, server and application accounts, certificates, and other secrets in structured entries that are easy to search, organize, and maintain.
Identity and sign-in
Identity and sign-in
Use single sign-on (SSO) with Windows Active Directory, Microsoft Entra ID, or supported third-party identity providers, and simplify onboarding with import and lifecycle management.
Access control and permissions
Access control and permissions
Apply role-based access control (RBAC) and directory group integration to define who can view, use, or modify credentials, using built-in or custom permission sets.
Security policies
Security policies
Enforce conditional access rules such as time-based authorization and GeoIP restrictions to align with your organization's security standards.
Identity and MFA options
Identity and MFA options
Integrate with Microsoft Entra ID and Okta, enforce multi-factor authentication, and use security keys, TOTP, and push approvals through Devolutions Workspace.
Audit and reporting
Audit and reporting
Capture detailed activity logs and audit trails so you can quickly answer who accessed which credentials, when changes occurred, and how entries are being used.

Devolutions Server from every angle

See how Devolutions Server fits alongside Devolutions Remote Desktop Manager, Devolutions PAM, Devolutions Gateway, and Devolutions Workspace in real deployment scenarios. The gallery highlights common setups and workflows.

Resources

For teams that need deeper technical details, these resources cover Devolutions Server's security and encryption model, technical specifications, and more.

Devolutions Server FAQ

What sets Devolutions Server apart from other solutions, and where does it fit in the Devolutions ecosystem?

Self-hosted, budget-friendly, and easy to deploy, Devolutions Server is a comprehensive credential management solution designed for IT professionals. While it can serve as merely a data source or basic credential manager, its advanced features make Devolutions Server an excellent gateway for organizations looking to evolve toward privileged access management (PAM). Core to the Devolutions ecosystem, Devolutions Server integrates deeply with Remote Desktop Manager, Devolutions Workspace, the PAM module, and Devolutions Gateway to deliver powerful capabilities including role-based access controls, just-in-time privilege elevation, password rotation, and web-based remote sessions.

Devolutions Server provides an accessible starting point while paving the way for enhanced security and control as organizations scale their PAM initiatives.

What environments are compatible with Devolutions Server?

Devolutions Server supports physical and virtual servers (such as Azure or Amazon Web Services). A Devolutions Server instance can be installed on a Windows Server, and supports managed MSSQL databases. Linux support is currently in beta.


How easy is it to install Devolutions Server?

  • Back up encryption keys across Devolutions Server instances to ensure data accessibility. Licenses are stored internally in the database and are accessible upon restoration.

HA support is available but depends on your environment and technologies. Currently, it is limited to Windows-based deployments.

Devolutions Server includes built-in notifications and comprehensive logging options. Alerts can be configured for specific server actions and user activities. Logs can be generated and sent to syslog, Slack, Windows Event Viewer, or Microsoft Sentinel. The System Dashboard provides a centralized view to help monitor server health, activity, and alerts in real time.

Updates are released regularly, with three major updates per year. Upgrades are performed manually to give customers control, and remote session support is available for paid subscriptions. Deployment is straightforward using the Devolutions Console, and can typically be completed in under an hour. A Devolutions Server instance can operate entirely on a single IIS server, with an MSSQL Express or higher database on the same system, or distributed across multiple servers as needed.

What identity providers are available for authentication?

Devolutions Server integrates with Active Directory, Microsoft Entra ID (formerly Azure Active Directory), PingOne, and Okta for user authentication. Internal users are also supported for scenarios involving contractors, disaster recovery, or other external users.


What multi-factor authentication (MFA) options are available?

Devolutions Server supports MFA through TOTP apps, YubiKey, email, SMS (via Twilio), Duo, or Radius.

For organizations using Active Directory, Microsoft Entra ID (formerly Azure Active Directory), Okta, or PingOne for authentication, MFA options are available through the external identity provider.

Does Devolutions Server offer an API?

Yes, Devolutions Server offers a REST API for operations like retrieving a password for down-level systems, and an extensive PowerShell module for further entry and management options.

How can I organize entries in Devolutions Server?

Entries can be organized in vaults, and into tree-like folders within vaults, offering logical separation. Inheritance at the vault and folder levels simplifies management, and entries can be linked for streamlined updates.


Is there a limit to the number of entries that Devolutions Server can handle, such as credentials and sessions?

Devolutions Server does not impose a limit on the number of credentials, folders, or sessions you can create. For optimal performance, we recommend limiting each vault to a maximum of 4,000 entries, and creating multiple vaults to logically separate sessions as needed.


How many users can concurrently access an entry in Devolutions Server?

There is no limit to the number of users who can view an entry.


How many users can concurrently access an entry?

There is no limit to the number of users who can view an entry. To preserve the integrity of entries being edited, editing access is restricted to one user at a time.


How does Devolutions Server support business continuity and disaster recovery?

Devolutions Server offers several tools for managing disaster scenarios and outages affecting infrastructure and/or Devolutions Server:

  • Export entries on a schedule using PowerShell (we recommend storing them encrypted at rest in a physically secured location);
  • Use an internal Devolutions Server user in an authentication outage, such as losing Active Directory or Microsoft Entra ID (Azure);
  • Perform scheduled database backups for rapid restoration;
  • Back up encryption keys across Devolutions Server instances to ensure data accessibility. Licenses are stored internally in the database and are accessible upon restoration.

Does Devolutions Server support high availability (HA)?

HA support is available but depends on your environment and technologies. Currently, it is limited to Windows-based deployments.


What alerting, monitoring, and logging options are available in Devolutions Server?

Devolutions Server includes built-in notifications and comprehensive logging options. Alerts can be configured for specific server actions and user activities. Logs can be generated and sent to syslog, Slack, Windows Event Viewer, or Microsoft Sentinel. The System Dashboard provides a centralized view to help monitor server health, activity, and alerts in real time.


How often is Devolutions Server updated, is it automatic, and what support is available for upgrades?

Updates are released regularly, with three major updates per year. Upgrades are performed manually to give customers control, and remote session support is available for paid subscriptions.

To facilitate safe client upgrades to Devolutions Remote Desktop Manager, Devolutions Server can be set to an offline state.


What technical support is offered?

Standard technical support is included with all paid licenses. Extended and premium support is also available, offering phone support and dedicated customer success managers.

Join our newsletter

Newsletter Banner

Stay up to date on everything Devolutions, from security news to upcoming events, product updates, tips and tricks, and more!