The Management Console Environments page allows organization administrators (members of a role with Admin permission) to set up environments within an organization to define and manage an integration project's lifecycle. You must set up at least one environment in order to create projects within Jitterbit Harmony.
Each integration project is deployed to a specific Harmony environment. Environments can be used to segregate different states of an integration project. For example, a common project lifecycle configuration might have three environments: Development, Test, and Production.
The access that users have in a specific environment depends on the combination of their organization role's permissions and its environment access:
- A role's permissions are defined by organization administrators on the Organizations page.
- A role is granted access to an environment as described under Managing Role Access to Environments later on this page.
In order to access an environment, a ll roles (even roles with Admin permission) must be granted access to an environment. This includes being able to access areas of Cloud Studio, Design Studio, API Manager, Management Console, and Citizen Integrator that require an environment to be selected, and the ability to install agents in an environment.
When you're ready to move a project between environments, such as from Development to Test, you migrate the project. This can be done from within Cloud Studio (see Project Migration) or Design Studio (under File > Migrate Project).
Accessing the Environments Page
Users are able to see or edit the Environments page depending on the combination of their organization role's permissions and its environment access:
- Members of a role with only Read permission whose role has been granted access to an environment can see information about the environment on the Environments page but are not able to edit it.
- Members of a role with Admin permission can see and use all actions for all environments on the Environments page (even if they have not been granted role access to the environment).
To access the Environments page, log in to the Jitterbit Harmony Portal, then use the Harmony Portal menu in the top left to go to Management Console > Environments:
Jitterbit Harmony organization administrators (members of a role with Admin permission) manage each environment and the Agent Groups associated with it. Members of a role with only Read permission whose role has been granted access to an environment can see information about the environment but are not able to add, edit, or remove environments.
The top section of the Environments page contains a table that shows all the environments that you have access to within the selected organization:
The table displays information for each environment. These fields are configurable as explained in the next sections:
- Environment: The name of the environment.
- Agent Group: The Agent Group associated with the environment. For more information, see Agents > Agent Groups.
- URL Prefix: The environment's URL prefix, to be used with Custom, OData, and Proxy APIs created with API Manager.
- Hit Limit: The maximum number of Custom API hits per minute within the environment, for use with API Manager.
Other fields in the table contain automatically populated statistics about your environment, including counts of these items:
- Projects: The combined total number of Cloud Studio projects and Design Studio projects deployed in Jitterbit Harmony for the environment.
- Operations: The combined total number of Cloud Studio operations and Design Studio operations deployed in Jitterbit Harmony for the environment.
- Connections: The combined total number of Cloud Studio connections and Design Studio sources, targets, Jitterbit Connect Wizard, and connector wizard endpoints.
- Hosted Endpoints: The combined total number of Design Studio hosted HTTP endpoints and hosted web service endpoints.
- File Formats: The combined total number of Cloud Studio schema files and Design Studio file formats.
- Scripts: The combined total number of standalone Cloud Studio scripts (as a project component) and Design Studio scripts (as a project item).
To sort the table, click on any of the column headers.
To filter the table, use the search box to enter filter criteria in the syntax shown in the search box. For columns with names containing a space (such as "Agent Group"), remove all spaces when referencing their name (such as "AgentGroup"). See Search for Activities on the Activities page for additional examples of the search syntax.
At least one environment must be defined for each organization. You may be limited to the number of environments you can create based on your Jitterbit Harmony subscription plan. If you require additional environments, contact your Customer Success Manager.
To add an environment, click the Add New Environment button to open the Add Environment dialog:
Name: The name of the new environment (for example, Development, Test, or Production).WARNING: These special characters are not allowed:
- Organization Name: The currently selected organization. This cannot be changed from the Add Environment dialog. Instead, you can navigate to a different organization from the navigation bar along the top of the Harmony Portal (see Changing the Selected Organization in Jitterbit Harmony Portal).
URL Prefix: The environment's URL prefix, to be used with Custom, OData, and Proxy APIs created with API Manager. By default, the name of the environment is used. For more information, see Step 2: Select Service Type and Assign Operation in the API Manager Quick Start Guide.
Whether you use the environment default or enter a custom name, the URL Prefix becomes an integral part of all Custom API endpoint URLs and should be relatively short. The URL Prefix is limited to a maximum of 48 characters.
WARNING: These special characters are not allowed:
In addition, spaces are not allowed.
Associate Group: The Agent Group you want to use to service the new environment. Use the dropdown to select an Agent Group for the environment, choosing from either a Private Agent Group configured through the Agents Groups page (see Agents > Agent Groups) or one of the Jitterbit Cloud Agent Groups (available by default).
- The maximum number of Custom API hits per minute within the environment, for use with API Manager. If left blank, there is no limit to the number of API hits at the environment level and the limit of hits per minute defaults to the organization limit across all APIs in all environments (as stated in your Jitterbit license agreement). For additional information, see Rate Limiting at Profile Level in Harmony API Security. Hit Limit:
- Description: A description of the environment.
Editing or Removing Environments
To change any information about an environment after it is created, or to remove an environment, use the Action dropdown on the far right:
- Edit Environment: Opens the Edit Environment dialog to change the Name, URL Prefix, Hit Limit, or Description (described above in Adding Environments).
- Associate Agent Group: Opens the Associate Group dialog to change the Agent Group associated with the environment (described above in Adding Environments).
- Remove Environment: Deletes the environment from the organization.
Managing Role Access to Environments
Before granting role access to an environment, you must define the roles that can have access. The individual membership for those roles is defined at the organization level (see Managing Permissions, Roles, and Members on the Organizations page). After roles are defined, you can grant roles different levels of access to an environment.
Environment-level access levels are used in combination with organization permissions to further the ability of administrators to control what members of a specific role can do in a specific environment. For example, users in an entry-level developer role may have Read, Execute, and Write access in a development environment but only Read access in a test environment and no access in a production environment.
When granting a role access to an environment, you can select from one of four cascading environment access levels. View Logs is the lowest level of access, followed by Read, Execute, and then Write as the highest level of access. As you select a higher level of access, all lower access levels are automatically selected and cannot be cleared.
- A member of a role with Read permission at the organization level may still be able to make edits in an environment if Write access is granted to the role at the environment level.
- A member of a role with Admin permission at the organization level but who has only Read access at the environment level is not able to deploy, execute, or edit projects in that environment.
- A member of a role with Admin permission at the organization level but who has not been granted environment access is not able to access the environment at all.
The four environment access levels are described in the table below.
Environment Access Level
Environment Access When Granted to a Role
Other types of logs — such as agent logs or operation logs as seen within Cloud Studio or Design Studio — are not accessible, as access to these applications is not provided by this access level.
View Logs is automatically selected if any other access level (Read, Execute, or Write) is selected.
Access to the pages and applications listed above is limited to viewing pages or opening — but not editing or deploying — projects and their configurations.
Read is automatically selected if Execute or Write access is selected.
When this access level is selected, the View Logs access level is automatically selected and cannot be cleared.
This access level is commonly used to limit access to projects deployed to critical environments, such as a production environment.
Access to perform these actions:
Execute is automatically selected if Write access is selected.
When this access level is selected, the View Logs and Read access levels are automatically selected and cannot be cleared.
This access level is commonly used to limit access in test environments and is often granted to users who need to support an integration, as they may need to run operations and view operation logs.
In organizations whose Harmony subscription has expired, this access level is effectively the same as the Read access level.
Access to and the ability to make edits and perform actions such as deploying (where applicable) on:
When granted to a role with Agent-Install permission, Write access provides the ability to install agents.
When this access level is selected, the View Logs, Read, and Execute access levels are automatically selected and cannot be cleared.
In organizations whose Harmony subscription has expired, this access level is effectively the same as the Read access level.
API Manager Portal
These additional criteria must be met before the API Manager Portal page is accessible:
- For each API whose documentation becomes accessible from the Portal page, an organization role that has been granted Read or Write access in an environment must be selected in the API configuration (see Step 3: Assign User Roles and Security Profiles in API Creation and Configuration).
- The API documentation must have previously been generated and published through the Portal Manager page.
In addition to access through the API Manager application, the Portal page can be accessed through a direct link by external API consumers who have both a minimum of Read permission in an organization and Read access in an environment. To obtain the direct link, copy either the URL of the API Manager Portal page or the link to View API Documentation on the Portal Manager page.
Viewing and Editing Role Access to an Environment
On the bottom section of the Environments page, the Roles tab displays a table of all current roles that currently have access or have previously been granted access to the selected environment.
In the right column, you can see the environment access levels associated with each role:
To select or clear an access level, click the access level. A confirmation dialog is displayed.
A colored (blue) background and white letters indicates an access level is selected, while a gray background with black letters indicates an access level is not selected. It is not possible to remove a role from an environment, unless the role is either deleted or deactivated from the organization (using the Organizations page). To clear a role of all access levels, click a role's View Logs access level to toggle off the selection. The role remains listed but does not have access.
The access levels available in an environment are described in detail above under Access Levels.
Granting a Role Access to an Environment
To grant an existing role access to the selected environment, click the Grant Role Access button. In the Grant Role Access dialog, use the dropdown to select the role, select the access levels, and click Save:
Last updated: Nov 02, 2020