Permission Fields
These fields apply to both user and group policy events.
Field | Value | Explanation |
---|---|---|
permissions:admin |
1 or 0 |
1: The user is an administrator. |
permissions:api:command |
1 or 0 |
1: The user is allowed to use the command API. |
permissions:api:reporting |
1 or 0 |
1: The user is allowed to use the reporting API. |
permissions:api:state |
1 or 0 |
1: The user is allowed to use the real-time state API. 0: The user is not allowed to use the real-time state API. |
permissions:canned_scripts |
1 or 0 |
1: The user may create and edit canned scripts. |
permissions:change_display_name |
1 or 0 |
1: The user may change their display name. |
permissions:custom_rep_links |
1 or 0 |
1: The user may create and edit custom rep links. 0: The user may not create or edit custom rep links. |
permissions:file_store |
1 or 0 |
1: The user may add or remove files from the file store. |
permissions:issues |
1 or 0 |
1: The user may create and edit issues. |
permissions:jump_groups |
1 or 0 |
1: The user may edit Jump Groups. |
permissions:jump_item_role:default:id |
string |
The unique identifier of this user's default Jump Item Role. |
permissions:jump_item_role:default:name |
string |
The name of this user's default Jump Item Role. |
permissions:jump_item_role:personal:id |
string |
The unique identifier of this user's personal Jump Item Role. |
permissions:jump_item_role:personal:name |
string |
The name of this user's personal Jump Item Role. |
permissions:jump_item_role:system:id |
string |
The unique identifier of this user's system Jump Item Role. |
permissions:jump_item_role:system:name |
string |
The name of this user's system Jump Item Role. |
permissions:jump_item_role:teams:id |
string |
The unique identifier of this user's team Jump Item Role. |
permissions:jump_item_role:teams:name |
string |
The name of this user's team Jump Item Role. |
permissions:rep_to_rep_screen_sharing |
1 or 0 |
1: The user is allowed to show their screen to other users outside of a session. |
permissions:rep_to_rep_screen_sharing:control |
1 or 0 |
1: When showing their screen to another user, the user is allowed to grant control to the viewing user. |
permissions:reporting:license_reports |
1 or 0 |
1: The user is allowed to view license usage reports. |
permissions:reporting:recordings |
1 or 0 |
1: The user is allowed to view support session recordings. |
permissions:reporting:support_reports |
none
|
Whether the user is disallowed to generate reports or is allowed to generate reports only for sessions in which they were the primary user, for sessions in which one of their teammates was the primary user or one of their teams was the primary team, or for all sessions. |
permissions:support |
not_allowed
|
Whether the user is disallowed to offer support or is allowed to offer full remote support. |
permissions:support:extended_availability_mode |
1 or 0 |
1: The user is allowed to enable extended availability. |
permissions:support:external_key* |
1 or 0 |
1: The user is allowed to edit the external key. |
permissions:support:invite_temp_rep |
1 or 0 |
1: The user is allowed to invite an external user into a single session. |
permissions:support:jump:clients |
1 or 0 |
1: The user is allowed to Jump to unattended systems via preinstalled Jump Clients. |
permissions:support:jump:local |
1 or 0 |
1: The user is allowed to Jump to unattended computers on the same network without Jump Clients or a Jumpoint. |
permissions:support:jump:remote |
1 or 0 |
1: The user is allowed to Jump to unattended remote computers through a Jumpoint. 0: The user is not allowed to Jump to unattended remote computers through a Jumpoint. |
permissions:support:jumpoint:admin |
1 or 0 |
1: The user is allowed to create and edit Jumpoints. |
permissions:support:jumpoint:shell |
1 or 0 |
1: The user is allowed to use Shell Jump. |
permissions:support:rdp:remote |
1 or 0 |
1: The user is allowed to use BeyondTrust to start a Remote Desktop Protocol (RDP) session with a computer on a remote network. |
permissions:support:team_share |
1 or 0 |
1: The user can share sessions with teams to which they do not belong. |
permissions:support:vnc:remote |
1 or 0 |
1: The user is allowed to use BeyondTrust to start a VNC session with a computer on a remote network. |
permissions:support:vpro |
1 or 0 |
1: The user is allowed to control a computer using Intel® vPro Technology. |
permissions:teams |
1 or 0 |
1: The user is allowed to create and edit teams. |
permissions:users:set_passwords |
1 or 0 |
1: The user is allowed to reset other users' passwords. |