How to give access of a Custom Workspace to a specific user?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi Community,
I have created a Custom Workspace in ServiceNow and I want to give access only to specific users. My approach is to manage it via roles.
Could you please guide me:
How can I configure a workspace so that only users with a certain role can open it?
Do I need to update the workspace record (e.g., sys_restricted_access or related tables)?
Is there any best practice for handling role-based access for workspaces (similar to how we do for applications/modules)?
Any detailed guidance or examples would be really helpful.
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @rah dev ,
You have to use "ux_route" type ACL in this case.
Refer the ServiceNow Support Article: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1220210
If this solution helps you then, mark it as accepted solution ✔️ and give thumbs up 👍!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago - last edited 3 weeks ago
I don't think the KB article linked by @debendudas covers it in enough detail. There are two ways to manage access to the workspace. If you are in App Engine Studio then under the workspace settings general tab you will find the User Access required field. You can update this field to remove or add roles. Keep in mind that its best practice to do this 1 role at a time as some versions will not update correctly if you add/remove multiple roles at a time.
If you are not in App Engine Studio or it appears that controls are not being set correctly using it (possibly because at some point multiple roles were added/removed at the same time) then you can edit/create the ACL directly. The ACL will have a name format that matches the URL for the workspace with /s replace by .s (a workspace with url x/g/training-requests would have an ux_route ACL called x.g.training-requests.* to control who can access it). Update or create the ACL manually in either Studio or directly from System Security > Access Control (ACL)).
This ACL does 2 things, it actively restricts access if someone navigated directly to the workspace url and it also should hide the workspace from users that don't have access in the Workspaces list of users that don't have access.
