A Jump Item Role is a predefined set of permissions regarding Jump Item management and usage. Jump Item Roles are applied to users from the Jump > Jump Item Roles page or from the Users & Security > Group Policies page.
If more than one role is assigned to a user, then the most specific role for a user is always used. The order of specificity for Jump Item Roles, from most specific to least specific, is:
Create or edit a Jump Item Role, assigning it a name and description. Then set the permissions a user with this role should have.
Under Jump Group or Personal Jump Items, determine if users can create and deploy Jump Items, move Jump Items from one Jump Group to another, or delete Jump Items.
Check Start Sessions to enable users to Jump to any Jump Items they have access to.
To allow users to edit Jump Item details, check any of Start Sessions, Edit Tag, Edit Comments, Edit Public Portal, Edit Jump Policy, Edit Session Policy, Edit Connectivity and Authentication, and Edit Behavior and Experience. Click the blue info icons next to the last three options to see exactly what is affected by these fields.
Under Jump Clients Only, choose if users can set passwords on Jump Clients. Also choose if they can access password-protected Jump Clients without needing to know the password.