Grant Required Permissions for the Remote Assist Agent on macOS Devices

MacOS devices require additional Privacy & Security settings to grant the JumpCloud Remote Assist software permissions to enable remote access and Remote File Manager (RFM) file-sharing capabilities.

Depending on your OS version and MDM type, you may be required to enable permissions for Screen Recording, Accessibility, or both to effectively run Remote Assist to its full capabilities, as well as Full Disk Access for RFM.

Overview

To run JumpCloud Remote Assist on macOS devices, you need to grant the app permissions in System Settings > Privacy & Security. Depending on your OS version and MDM type, you need to enable permissions for Screen Recording, Accessibility, or both.

Considerations

  • If your macOS devices are not enrolled in any MDM, users will need to grant the Accessibility and Screen Recording permissions manually.
  • If your macOS device is enrolled with JumpCloud’s MDM and running 11.x (Big Sur) or newer, the JumpCloud agent automatically grants Accessibility permissions for the Remote Assist agent as part of the PPPC policy push.
    • The user is still required to grant Screen Recording permissions, but doesn’t need special Admin privileges to do so.
  • If your device is enrolled with JumpCloud MDM, the policy to support the Remote File Manager is applied automatically.
  • For third party MDMs, you’ll need to either manually grant the JumpCloud Remote Assist agent permissions, or download the custom preconfigured profile for use with your MDM to grant the appropriate permissions to our software.

Limitations

  • The Remote Assist Agent does not currently support video streaming from HDR-enabled displays. To effectively use the Remote Assist service, disable HDR video streaming on your device. Remote Assist has HDR disabled by default.

Note:

Remote Assist has HDR disabled by default.

Granting Permissions for Users Enrolled in JumpCloud MDM

To grant permissions for a macOS device enrolled with JumpCloud MDM:

  1. Click the Apple menu at the top of the screen.
  2. Go to System Settings > Privacy & Security > Screen & System Audio Recording..
  3. Toggle the JumpCloud Remote Assist app to enable screen recording permissions.
    Image of macOS System Settings with Privacy and Screen Recording enabling options

Note:
  • For macOS devices running Big Sur and Monterey, you do not need to enter your password or grant Accessibility permissions.
  • For JumpCloud-enrolled devices, the agent automatically enables Full Disk access for Remote Assist to support the Remote File Manager. This policy to support the RFM is enabled in the backend, so it will still work even though it will not appear in the Full Disk Access folder.

Granting Permissions for a Non-JumpCloud MDM

A custom profile is required for non-JumpCloud MDMs. To grant permissions for a non-JumpCloud MDM:

  1. Download the custom Privacy Preferences Policy Control (PPPC) file attached to this article.

Note:
  • See the attached PPPC-JumpCloud-Agent-Permissions-1-1.mobileconfig file.
  • The PPPC profile automatically supports the Remote File Manager feature. The permission to use the RFM is enabled after the policy is deployed.
  1. Follow the instructions from your MDM to install this custom profile.
  2. Complete the steps in Granting Permissions for a JumpCloud MDM . 

Granting Permissions for Users Not Manually Enrolled in MDM

If your macOS device meets the following conditions, the user must manually grant the Accessibility and Screen & System Audio Recording permissions:

  • macOS device is running Big Sur or Monterey, but not enrolled in JumpCloud MDM.
  • macOS device is enrolled in a non-JumpCloud MDM, but not using the PPPC policy attached to this article. 

Note:
  • A user must have admin privileges to grant Accessibility permissions. 
  • If a user’s device is running Big Sur or later, admin privileges are also required to grant Screen & System Audio Recording permissions.

To grant permissions for a device not manually enrolled in MDM:

  1. Click the Apple menu at the top of the screen.
  2. Go to System Settings > Privacy & Security > Accessibility.
  3. Toggle the JumpCloud Remote Assist app to enable accessibility permissions.

Important:

If JumpCloud Remote Assist doesn’t show up in the list of available apps, click the + icon and select it from the Applications folder.

  1. Go to System Settings > Privacy & Security > Screen & System Audio Recording.
  2. Toggle the JumpCloud Remote Assist app to enable screen recording permissions.
  1. To enable permissions for the Remote File Manager feature, go to System Settings > Privacy & Security > Full Disk Access.
  2. Click the + icon and add JumpCloud Remote Assist from the Application directory.
  3. Toggle the JumpCloud Remote Assist app to enable full disk access.

Granting Permissions Using JumpCloud Remote Assist System Access

If the required permissions discussed above haven’t been granted by a user on the macOS device, the JumpCloud Remote Assist System Access prompt will be displayed every time a user logs in to the system.

Users enrolled in JumpCloud MDM can click the Change Setting button to directly update the settings. 

Clicking Change Setting redirects you to System Settings > Privacy & Security. Toggle the JumpCloud Remote Assist app in the list to enable the permission needed to support Remote Assist.

Note:

For non-JumpCloud MDM users and users not manually enrolled in MDM, you must have admin privileges to be able to change the settings.

Once you have granted all the required permissions, click Close. The prompt stops appearing in the next login. However, if any of the required permissions are missing, the prompt will be displayed in the next login.

If you haven’t granted all the permissions and don't want to keep seeing the prompt every time you log in, select the Do not show me this message again checkbox and then click Close. The next time you login, the prompt doesn’t appear but you receive the following notification. 

You can click the notification to view the JumpCloud Remote Assist System Access prompt and update the settings as required.

Granting Additional Permissions for macOS 15 and Later

Monthly Screen and System Audio Recording Permissions 

macOS 15 onwards, Apple now requires users to review existing screen and system audio recording permissions for JumpCloud Remote Assist every month, and allows them to revoke said permissions if needed. 

Once the system updates to macOS 15 or later, if you have already granted the required permissions for Remote Assist, you will be prompted to grant screen and system audio recording permissions again. 
Image of Permission Prompt in macOS for Remote Assist

Click Allow for One Month to allow screen and audio recording permissions to the JumpCloud Remote Assist app for a month and ensure the app performs properly. The pop-up will reappear once the one month period ends.
You  also have the option to select Open System Settings to go to System Settings > Privacy and Security and revoke permissions for the Jumpcloud Remote Assist app.

Permission to Find Devices on Local Network

macOS 15 onwards, Apple requires additional permissions to discover and connect to devices on your local network. 

Once the system is updated, you will be prompted to allow JumpCloud Remote Assist to connect to your local network. 

When prompted, click Allow on the following pop-up window to ensure JumpCloud Remote Assist has the required permissions.
Permission prompt for local devices

Important:

This pop-up appears only once after the system is updated. If you don’t grant permission, JumpCloud Remote Assist will not be able to access or connect to devices on your local network.

To grant access later:

  1. Go to System Settings > Privacy and Security. 
  2. Select Local Network and use the toggle to enable JumpCloud Remote Assist.
Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case