Use Jump Item Roles to Create Permission Sets for Jump Clients
A Jump Item Role is a predefined set of permissions regarding Jump Item management and usage. Jump Item Roles are applied to users from the Jump > Jump Groups page, from the Users & Security > Group Policies page, or from the Users & Security > Embassy page.
If more than one role is assigned to a user, then the most specific role for a user is always used. The order of specificity for Jump Item Roles, from most specific to least specific, is:
- The role assigned to the relationship between a user and a Jump Group on the Jump > Jump Groups page.
- The role assigned to the relationship between a user and a Jump Group on the Users & Security > Group Policies page or the Users & Security > Embassy page.
- The Jump Item Roles configured for a user on the Users & Security > Users page, the Users & Security > Group Policies page, or the Users & Security > Embassy page.
Create or edit a Jump Item Role, assigning it a name and description. Then set the permissions a user with this role should have.
Under Jump Group or Personal Jump Items, determine if users can create and deploy Jump Items, move Jump Items from one Jump Group to another, and/or delete Jump Items.
Check Start Sessions to enable users to Jump to any Jump Items they have access to.
To allow users to edit Jump Item details, check any of Edit Tag, Edit Comments, Edit Public Portal, Edit Jump Policy, Edit Session Policy, Edit Connectivity and Authentication, and Edit Behavior and Experience. Click the orange arrows under the last two options to see exactly what is affected by these fields.
Under Jump Clients Only, choose if users can set passwords on Jump Clients. Also choose if they can access password-protected Jump Clients without needing to know the password.