You can assign Jamf Protect users specific permissions based on user roles and groups. User roles can be configured locally in the Jamf Protect macOS security portal or by mapping groups from your cloud identity provider (IdP).
Users can receive roles from one or more of the following methods:
- User-based assignment βRoles can be directly assigned to a user by editing the user's settings.
- Group-based assignment βGroups allow you to configure roles for a group that can include one or more users directly in Jamf Protect.
- Identity provider mappings βIdentity provider mappings allow you to use a group membership in your IdP to automatically assign roles to users in Jamf Protect.
The following shows how users can receive roles based on the available methods: