Skip to main content
Solved

Jamf Management Framework API Privileges

InsaneAsylum
Forum|alt.badge.img+4

I have a service account which is locked down to the bare minimum privileges and I'm trying to make a web request to:

https://companyxxx.jamfcloud.com/api/v1/jamf-management-framework/redeploy/xxxx

where xxxx is the computer's Jamf ID.

It works perfectly using my own account which has full privileges but the service account is returning Forbidden.

I am having trouble finding the correct boxes to check to enable the service account to do this.

Any help is appreciated.

Best answer by InsaneAsylum

sdagley wrote:

@InsaneAsylum It's "Send Computer Remote Command to Install Package". Take a look at https://developer.jamf.com/jamf-pro/docs/privileges-and-deprecations for required privileges for the Jamf Pro API, and https://developer.jamf.com/jamf-pro/docs/classic-api-minimum-required-privileges-and-endpoint-mapping for the Classic API.


Thanks @sdagley I've created another dummy account to do some testing via process of elimination.

Indeed "Send Computer Remote Command to Install Package" under Jamf Pro Server Actions is required.

It also needs to Read "Check-In" under Jamf Pro Server Settings, and Read "Computer Check-in Setting" under Jamf Pro Server Settings.

View original
    Did this topic help you find an answer to your question?

    2 replies

    sdagley
    Forum|alt.badge.img+25
    • sdagley
    • Jamf Heroes
    • 3536 replies
    • June 2, 2022

    @InsaneAsylum It's "Send Computer Remote Command to Install Package". Take a look at https://developer.jamf.com/jamf-pro/docs/privileges-and-deprecations for required privileges for the Jamf Pro API, and https://developer.jamf.com/jamf-pro/docs/classic-api-minimum-required-privileges-and-endpoint-mapping for the Classic API.

    aparten11
    InsaneAsylum
    2 people like this
    • aparten11
      aparten11
    • InsaneAsylum
      InsaneAsylum
    InsaneAsylum
    Forum|alt.badge.img+4
    • InsaneAsylum
    • Author
    • New Contributor
    • 1 reply
    • Answer
    • June 3, 2022
    sdagley wrote:

    @InsaneAsylum It's "Send Computer Remote Command to Install Package". Take a look at https://developer.jamf.com/jamf-pro/docs/privileges-and-deprecations for required privileges for the Jamf Pro API, and https://developer.jamf.com/jamf-pro/docs/classic-api-minimum-required-privileges-and-endpoint-mapping for the Classic API.


    Thanks @sdagley I've created another dummy account to do some testing via process of elimination.

    Indeed "Send Computer Remote Command to Install Package" under Jamf Pro Server Actions is required.

    It also needs to Read "Check-In" under Jamf Pro Server Settings, and Read "Computer Check-in Setting" under Jamf Pro Server Settings.

    aparten11
    1 person likes this
    • aparten11
      aparten11

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings