Subscribe to Help Center RSS FeedJumpCloud Vault allows administrators to assign platform roles to user groups. When a role is assigned to a group, all current and future members of that group automatically inherit the permissions associated with that role thereby eliminating the need to configure access on a per-user basis. This feature simplifies access management at scale, supports least-privilege enforcement, and speeds up onboarding and off-boarding workflows.
Prerequisites
- You are logged in as an Admin or a user with permissions to manage Groups and Roles.
- The target group already exists. If not, create it. See Groups for more information.
- The role you want to assign is already configured in Roles under Administration.
Assigning Roles
To assign a role to a group, do the following:
- Log in to the Vault platform.
- Go to Administration > Groups. The Groups list is displayed.
- Select a group and go to Roles tab. This displays all roles currently assigned to the group.
- Click +Add Role. The Select Roles modal window is displayed.
- On this window, search and select the required role names and then click Save. The recently added roles are added to the list.
Viewing Assigned Roles
To view which roles a user has — including those inherited through group membership:
- Log in to the Vault platform.
- Go to Administration > Users. The Users list is displayed.
- Search and select a user. The Edit User modal window is displayed.
- On the modal window, go to Roles tab. The User Roles modal window with all active roles are displayed. Roles inherited via group membership are labeled Inherited from Group.
- Select the desired user roles and click Save.
Back to Top
In this Article