Understanding Roles & Permissions

Last updated: 13 April 2026

Understanding Roles & Permissions

Jump uses role-based access control (RBAC) to manage what each user can see and do. Roles are collections of permissions that you assign to users.

How to Get There

Navigate to Settings > Roles & Permissions.

Enabling RBAC

RBAC must be enabled in Settings > Security before it takes effect. When RBAC is off, all users have full access. When RBAC is on, users can only perform actions allowed by their assigned roles.

System Roles

Jump provides three built-in roles that cannot be edited:

Role Purpose
Management Full administrative access - user management, billing, settings, data import
Clinician Clinical permissions - consultations, prescriptions, documents, read-only settings access
Reception View-only clinical access, document creation, read-only settings access

System roles can be cloned to create a custom role based on their permissions.

Creating Custom Roles

  1. Click Create Role (or clone a system role)
  2. Enter a name and description
  3. Select permissions from the available groups:
    • Clinical - consultation, prescription, and document permissions (view, create, update, finalise, amend)
    • Admin - user management, role assignment, API keys, settings, billing, system admin
    • Data - patient import, clinical data import, invoice import
  4. Save the role

Some permissions are marked as restricted and show a warning when added, as they grant elevated access.

Assigning Roles to Users

Switch to the User Assignments tab to see all users and their current roles. Click a user to assign or remove roles.

Key points:

  • Users can hold multiple roles simultaneously
  • Permissions are additive across all assigned roles
  • Use View Effective Permissions to see exactly what a user can do based on their combined roles

Important: When RBAC is first enabled, any users without an assigned role will have no permissions. Assign roles before enabling RBAC to avoid locking users out.