The Zurich release has arrived! Interested in new features and functionalities? Click here for more

Domain Separation in Health Dashboard: How Data Visibility Works

Sandeep90
ServiceNow Employee
ServiceNow Employee

on ‎05-19-2025 07:25 AM

Introduction

This article explains how domain separation functions within the system, demonstrating data visibility patterns across different domain types. We'll explore this functionality using the demo data available through the domain separation plugin(com.glide.domain.msp_extensions.installer)

 

The demo data that gets loaded from the domain separation plugin establishes a specific hierarchy:

  • A global domain serves as the base level
  • A "Top" domain functions as the parent domain for all other domains
  • Several domains including Acme, Cisco, Default, MSP, and Oceanic Airlines exist as children of the "Top" domain

 

Understanding Domain Hierarchy and Data Access

The demo data setup consists of 100 records distributed across multiple domains in the cmdb_ci class. The records are organized systematically, with 10 records inserted into each domain. Each record is named according to its domain and numbered from 0 to 9, for easier understanding.

 

Total_CI_With_Domain.png

 

Key Domain Visibility Rules 

Below examples illustrate three critical scenarios that show how domain separation affects data visibility:

 

1. Global Domain Access

When operating within the global domain, users have complete visibility of all data across all domains.

 

Global_domain_access.png

 

2. Individual Domain Access

When operating within an individual domain (such as Cisco in this example), users can only view:

  • Data within their own domain (10 records in Cisco)
  • Data that exists in the global domain (10 additional records)

This restricted visibility ensures domain-specific users only access information relevant to their domain plus globally shared data.

Cisco_domain_Access.png

3. Parent Domain Access

The "Top" domain functions as a parent domain. When switched to this domain, all 100 records are visible because:

  • Parent domains have visibility into all their child domains' data
  • Parent domains can also see global data
  • Parent domains have access to their own domain-specific data

Since all other domains in this example are children of the "Top" domain, a user with Top domain access can view everything in the system.

 

Top_domain_Access.png

 

 

Summary of Domain Visibility Rules

Domain Type Visibility
Global All records across all domains
Individual (e.g., Cisco) Own domain records + Global records
Parent (e.g., Top) Own records + All child domain records + Global records

 

 

0 Helpfuls
  • 467 Views
Version history
Last update:
‎05-19-2025 07:21 AM
Updated by:
ServiceNow Employee
Contributors