Help

Jamf Management Framework API Privileges

Go to solution
InsaneAsylum
New Contributor

Posted on ‎06-01-2022 11:14 PM

I have a service account which is locked down to the bare minimum privileges and I'm trying to make a web request to:

https://companyxxx.jamfcloud.com/api/v1/jamf-management-framework/redeploy/xxxx

where xxxx is the computer's Jamf ID.

It works perfectly using my own account which has full privileges but the service account is returning Forbidden.

I am having trouble finding the correct boxes to check to enable the service account to do this.

Any help is appreciated.

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
InsaneAsylum
New Contributor
In response to sdagley

‎06-02-2022 05:59 PM - edited ‎06-02-2022 06:00 PM

Thanks @sdagley I've created another dummy account to do some testing via process of elimination.

Indeed "Send Computer Remote Command to Install Package" under Jamf Pro Server Actions is required.

It also needs to Read "Check-In" under Jamf Pro Server Settings, and Read "Computer Check-in Setting" under Jamf Pro Server Settings.

View solution in original post

2 REPLIES 2

Go to solution
sdagley
Esteemed Contributor II

‎06-02-2022 05:35 AM - edited ‎06-02-2022 05:39 AM

@InsaneAsylum It's "Send Computer Remote Command to Install Package". Take a look at https://developer.jamf.com/jamf-pro/docs/privileges-and-deprecations for required privileges for the Jamf Pro API, and https://developer.jamf.com/jamf-pro/docs/classic-api-minimum-required-privileges-and-endpoint-mappin... for the Classic API.

Go to solution
InsaneAsylum
New Contributor
In response to sdagley

‎06-02-2022 05:59 PM - edited ‎06-02-2022 06:00 PM

Thanks @sdagley I've created another dummy account to do some testing via process of elimination.

Indeed "Send Computer Remote Command to Install Package" under Jamf Pro Server Actions is required.

It also needs to Read "Check-In" under Jamf Pro Server Settings, and Read "Computer Check-in Setting" under Jamf Pro Server Settings.