I believe that BitLocker policies should be set via Group Policy or Intune and the keys stored in EntraID or in Active Directory. Automate can be used to monitor BitLocker status and alert if needed. # Plugin [GitHub - automationtheory/AutomateBitlockerPlugin: A Bitlocker management plugin for Automate.](https://github.com/automationtheory/AutomateBitlockerPlugin) # If you *need* to configure and manage BitLocker from Automate 1. Check OS compatibility 2. Check hardware compatibility (TPM) 3. Enable BitLocker 4. Store and monitor recovery key Links: [Export Bitlocker Key To EDF : ConnectWise (reddit.com)](https://www.reddit.com/r/ConnectWise/comments/14rba4z/export_bitlocker_key_to_edf/) [Adding a LabTech/CWA Role Definition for Bitlocker – Gavsto.com – Everything NinjaOne, MSP and Reporting](https://www.gavsto.com/adding-a-labtech-role-definition-for-bitlocker/)