Permission Fields
These fields apply to both user and group policy events.
Field | Value | Explanation |
---|---|---|
permissions:access_sponsors |
1 or 0 |
1: The user may create access sponsor groups. |
permissions:admin |
1 or 0 |
1: The user is an administrator. |
permissions:api:command |
1 or 0 |
1: The user is allowed to use the command API. |
permissions:api:reporting |
1 or 0 |
1: The user is allowed to use the reporting API. |
permissions:api:state |
1 or 0 |
1: The user is allowed to use the real-time state API. 0: The user is not allowed to use the real-time state API. |
permissions:support_button |
1 or 0 |
1: The user is allowed to create, modify, and delete Support Button Profiles. |
permissions:canned_scripts |
1 or 0 |
1: The user may create and edit canned scripts. |
permissions:change_display_name |
1 or 0 |
1: The user may change their display name. |
permissions:custom_rep_links |
1 or 0 |
1: The user may create and edit custom rep links. 0: The user may not create or edit custom rep links. |
permissions:customer_notice |
1 or 0 |
1: The user may create and edit customer notices. |
permissions:file_store |
1 or 0 |
1: The user may add or remove files from the file store. |
permissions:issues |
1 or 0 |
1: The user may create and edit issues. |
permissions:presentations |
1 or 0 |
1: The user is allowed to perform presentations. |
permissions:presentations:control |
1 or 0 |
1: The user is allowed to grant mouse and keyboard control to an attendee during a presentation. |
permissions:public_sites:templates |
1 or 0 |
1: The user may create and edit public site configurations. |
permissions:rep_to_rep_screen_sharing |
1 or 0 |
1: The user is allowed to show their screen to other representatives outside of a session. |
permissions:rep_to_rep_screen_sharing:control |
1 or 0 |
1: When showing their screen to another representative, the user is allowed to grant control to the viewing representative. |
permissions:reporting:license_reports |
1 or 0 |
1: The user is allowed to view license usage reports. |
permissions:reporting:presentation_reports |
none
|
Whether the user is disallowed to generate presentation reports or is allowed to generate reports only for presentations in which they were the presenter, for presentations in which one of their teammates was the presenter, or for all presentations. |
permissions:reporting:recordings |
1 or 0 |
1: The user is allowed to view support session recordings. |
permissions:reporting:support_reports |
none
|
Whether the user is disallowed to generate reports or is allowed to generate reports only for sessions in which they were the primary representative, for sessions in which one of their teammates was the primary representative or one of their teams was the primary team, or for all sessions. |
permissions:show_on_public_site |
1 or 0 |
1: The user may be listed in the representative list of all applicable public sites. |
permissions:skills |
1 or 0 |
1: The user may create and edit skills. |
permissions:support |
not_allowed
|
Whether the user is disallowed to offer support or is allowed to offer full remote support. |
permissions:support:accept_team_sessions |
1 or 0 |
1: The user is allowed to manually accept sessions from their team queues. |
permissions:support:support_button:change_public_sites |
1 or 0 |
1: The user is allowed to change the public portal through which a Support Button connects. |
permissions:support:support_button:personal:deploy |
1 or 0 |
1: The user is allowed to deploy and modify personal Support Buttons. |
permissions:support:support_button:team:deploy |
1 or 0 |
1: The user is allowed to deploy team Support Buttons for teams they are a member of. |
permissions:support:support_button:team:manage |
1 or 0 |
1: The user is allowed to modify Support Buttons deployed to teams they are a member of. If they are a team lead/manager they can modify the personal Support Buttons of any team members as well. |
permissions:support:canned_messages |
1 or 0 |
1: The user can create and edit canned messages. |
permissions:support:edit_ios_content |
1 or 0 |
1:The user is allowed to create, edit, and upload BeyondTrust Apple iOS Profile content. |
permissions:support:extended_availability_mode |
1 or 0 |
1: The user is allowed to enable extended availability. |
permissions:support:external_key |
1 or 0 |
1: The user is allowed to edit the external key. |
permissions:support:invite_temp_rep |
1 or 0 |
1: The user is allowed to invite an external representative into a single session. |
permissions:support:ios_content |
1 or 0 |
1: The user is allowed to generate access keys to offer iOS content to iOS device users. |
permissions:support:jump:clients |
1 or 0 |
1: The user is allowed to Jump to unattended systems via preinstalled Jump Clients. |
permissions:support:jump:clients:all |
1 or 0 |
1: The user is allowed to start sessions from all Jump Clients within the system. |
permissions:support:jump:clients:change_public_sites |
1 or 0 |
1: The user is allowed to change the public portal through which a Jump Client connects. |
permissions:support:jump:clients:change_session_policies |
1 or 0 |
1: The user is allowed to change the session policy associated with a Jump Client. |
permissions:support:jump:clients:config |
1 or 0 |
1: The user is allowed to deploy, remove, and modify Jump Clients for their Jump Groups or team members' personal lists of Jump Items. |
permissions:support:jump:clients:config:all |
1 or 0 |
1: The user is allowed to deploy, remove, and modify Jump Clients for all Jump Groups within the system. |
permissions:support:jump:clients:private |
1 or 0 |
1: The user is allowed to deploy, remove, and modify Jump Clients for her or her personal list of Jump Items. |
permissions:support:jump:local |
1 or 0 |
1: The user is allowed to Jump to unattended computers on the same network without Jump Clients or a Jumpoint. |
permissions:support:jump:remote |
1 or 0 |
1: The user is allowed to Jump to unattended remote computers through a Jumpoint. 0: The user is not allowed to Jump to unattended remote computers through a Jumpoint. |
permissions:support:jumpoint:admin |
1 or 0 |
1: The user is allowed to create and edit Jumpoints. |
permissions:support:jumpoint:shell |
1 or 0 |
1: The user is allowed to use Shell Jump. |
permissions:support:next_session |
1 or 0 |
1: The user is allowed to request the longest waiting session from their teams to begin support. |
permissions:support:rdp:local |
1 or 0 |
1: The user is allowed to use BeyondTrust to start a Remote Desktop Protocol (RDP) session with a computer on the same network. 0: The user is not allowed to use BeyondTrust for RDP on a local network. |
permissions:support:rdp:remote |
1 or 0 |
1: The user is allowed to use BeyondTrust to start a Remote Desktop Protocol (RDP) session with a computer on a remote network. |
permissions:support:session_assignment:disable |
1 or 0 |
1: The user is allowed to opt-out of automatic session assignment. |
permissions:support:session_assignment:idle_timeout |
integer |
The number of seconds the user must have been idle before sessions will no longer be automatically assigned to them. |
permissions:support:session_assignment:session_limit |
integer |
The minimum number of sessions the user must be supporting before sessions will no longer be automatically assigned to them. |
permissions:support:session_keys |
1 or 0 |
1: The user can create sessions keys for customers to use to start support sessions directly with that user. |
permissions:support:team_share |
1 or 0 |
1: The user can share sessions with teams to which they do not belong. |
permissions:support:team_transfer |
1 or 0 |
1: The user can transfer sessions to teams to which they do not belong. |
permissions:support:vnc:local |
1 or 0 |
1: The user is allowed to use BeyondTrust to start a VNC session with a computer on a local network. |
permissions:support:vnc:remote |
1 or 0 |
1: The user is allowed to use BeyondTrust to start a VNC session with a computer on a remote network. |
permissions:support:vpro |
1 or 0 |
1: The user is allowed to control a computer using Intel® vPro Technology. |
permissions:teams |
1 or 0 |
1: The user is allowed to create and edit support teams. |
permissions:users:set_passwords |
1 or 0 |
1: The user is allowed to reset other users' passwords. |