By default, there are two pre-configured roles in Jamf Protect. You can also create additional custom roles and manually assign permissions.
- Full Admin
- Can read and write all data and settings in Jamf Protect.Note:
New users are added to the Default group in Jamf Protect during their first sign-in, where it is assigned the Full Admin role by default. Before you change the role of this group and to prevent lockout and sign-in errors, make sure you are assigned the Full Admin role using another method, such as a user-based assignment or group-based assignment from another group.
Roles with all permissions granted will also include all future permissions added by new Jamf Protect features.
- Read Only
- Can read all data and settings in Jamf Protect but cannot create or edit settings.
- Custom
- Can read or write a custom combination of settings configured within the role. Creating a custom role allows you to manually assign privileges to users.