Skip to main content

Required Jamf Pro Account Permissions

In order for App Portal to be successfully integrated with Jamf Pro, your Jamf Pro account needs to have a specific set of minimum permissions. To define permissions on your Jamf Pro account, perform the following steps:

  1. Launch Jamf Pro and login using your Jamf Pro account.

  2. On the Jamf Pro home page, click the Settings “gear” icon at the top right: The System Settings tab opens.

  3. Click Jamf Pro User Accounts & Groups. The Jamf Pro User Accounts & Groups page opens.

  4. Click on the name of your Jamf Pro account. The Account tab of the account settings page opens.

    note

    In some versions of Jamf Pro, the Access Status field may be named Access Level. If so, set Access Level to Full Access.

    info

    If your Jamf Pro system account does not have Administrator privileges, then App Portal will be unable to integrate with Jamf Pro.

  5. Open the Privileges tab. The Jamf Pro Server Objects subtab of the Privileges tab opens.

  6. On the Jamf Pro Server Objects subtab, click Edit and make sure that the following permissions are selected:

    ObjectPermission
    CategoriesCreate (optional)
    Read
    Update (optional)
    ComputersRead
    File Share Distribution PointsRead
    PackagesRead
    PoliciesCreate
    Read
    Update
    Static Computer GroupCreate
    Read
    Update

    The table below lists the minimum permissions required for the user account in Jamf Pro to integrate with or execute different functionalities within App Portal / App Broker.

    ActionPurposePermission
    Test ButtonCheck existence of category, policy template, and computer group templateREAD Categories, READ Policies, READ Static Computer Groups (OPTIONAL: CREATE Categories to create category if category does not already exist)
    Data SyncRetrieve device information and user associationsREAD Computers
    Software DeploymentAllow creation of software catalog items for Mac devices and automatic delivery of that software upon requestREAD Categories, READ Computers, READ File Share Distribution Points, READ Packages, CREATE/READ/UPDATE Policies, CREATE/READ/UPDATE Static Computer Groups

  7. When you are finished selecting permissions, click Save.

  8. Open the Jamf Pro Server Settings subtab.

  9. Click Edit and make sure that Read is selected for Activation Code.

  10. When you are finished selecting permissions, click Save.

See Also

Entering Jamf Pro Settings at Initial Start Up

API Calls Used by App Portal to Integrate with Jamf Pro

Jamf Pro Tab

Enabling the “Create Uninstall Policy” Option for a Jamf Pro Package