Users and Permissions
Users & Permissions has the following tabs:
- Users, where you can invite new users, edit roles, force logout or delete users.
- Audit Logs, which displays audit logs which can also be downloaded.
- API Tokens, which displays API token metadata and also allows you to generate new API tokens that can be used to access Jit APIs, for example from CLI scripts.
User roles and permissions
Role | Permissions |
---|---|
Admin | Invite members Change users roles. For example, from Member to Admin Create API tokens and define where they are used Perform all options and actions on the Jit platform |
Engineering Manager | Activate teams and view their My Teams data |
Member | All options and actions on the Jit platform apart from inviting members and creating tokens |
Developer | View specific pages via links |
Accessing Users & Permissions
Go to the left menu, scroll to Settings and then to Users and Permissions.
Field | Description |
---|---|
Invite User | Invite a user with Jit permissions |
User | User with Jit permissions |
Roles | See Roles & Permissions above |
Joined | Date and time of the first login |
Last seen | Date and time of last login |
Inviting new users
-
Click Invite User.
-
Click Copy Invite Link.
-
Optional: Click Edit, select a new expiration date and then click Save.
-
Copy the invite and send the link to the new user. We recommend sending the link via Slack.
-
Optional: To deactivate a link after it has been sent, repeat steps 1 to 3 above and then click Deactivate link.
Displaying User management audit logs
-
Go to User Management and select Audit Logs.
-
Click Download to download an Audit Log data.
Generating API tokens
-
Go to Users & Permissionsand select API Tokens.
-
Click Generate Token.
-
Complete the Description field, select a role and then click Create.
-
Copy the Client ID and Secret Key.
-
We recommend using GitHub secrets when using Jit APIs. Go to GitHub, and in the repo running GitHub Actions secrets and variables, click New repository secret and paste the secret.
SSO Configuration
If your organization uses SSO, you can login to the Jit platform with it. The SSO feature is not enabled by default, and you’ll need to contact us to enable it.
Once SSO is enabled, go to the Side bar → Users and permissions:
This will open the user management popup, in which you should now see an SSO section:
Once there, click on “Setup SSO connection”. You will then need to choose your SAML / OpenID provider, and follow the instructions in the set up wizard.
Note that the setup required admin access to your SSO provider account, as well as permissions / access to adding the relevant DNS record for your SSO domain name.
Once you completed the process, you’ll be able to map groups from your SSO provider to roles in Jit:
From now on, any user with an email in that SSO will be able to login to Jit, provided they were given a fitting role.
Updated 4 months ago