The JobScheduler knows different permissions for xml commands. These permissions can be configured differently for each IP address in the security element of the ./config/scheduler.xml file:
where [scheduler_host] is the hostname or IP of that machine where the JobScheduler is installed.
If you call JOC from [scheduler_host] with
http://[scheduler_host]:4444 then you have full access.
If you call JOC from 18.104.22.168 with
http://[scheduler_host]:4444 then your permissions are restricted.
But these are only IP level rights.
Currently the JobScheduler doesn't know user level permissions.
If you want user level permissions, then you can follow the instructions set out in How to operate JOC with an Apache Proxy.
If you use two user groups (admin, operator) which have different permission sets then see the article How to configure JOC for HTTP authentication for the configuration for different machines.
Furthermore configure the ./config/scheduler.xml file like this: