Users who can access only the "User Management" Console should not also be able to access other functions in the Console UI, but the User Management Console requires full access.
Assign the user to ROLE_ADMIN_USER.
Once assigned to that role, the user will only have access to the User Management Console.
If someone with Role_Admin_User tries to view and click on or add jobs to another console, he or she receives a forbidden access error.
Note: There is no way to hide console applications for a particular user.