Roles for scoped app

Lydon · ‎12-05-2022

Morning Fellows

I have a question, which I feel like I already know the solution but wanted to get opinions from our experts

I created an extension from the change request and created a few new groups that will be utilizing this app I only want these new groups to see and use the app.

If I add the OOB roles, e.g., u_change, u_change_write, that would mean that any existing group with these roles can see the new app correct?

In order to address this, should I create a new role for the groups that I want to see the new app, and assign this new role to that group, e.g, xyz_u_change, xyz_u_change_write

Thank you

Mike_R · ‎12-05-2022

Yes, you can create a new role and add those new roles to your custom table's ACL. You would need to add to the read, create, and write ACLs

Mike
* My Collection of ServiceNow Stuff *

Lydon · ‎12-05-2022

go it, so are you saying I should not do a brand new ACL but add the custom role to existing change_request ACL.

Mike_R · ‎12-05-2022

Actually,

Create the new role and add that custom role to the ACLs of your new extended table (not the change_request table but instead your new table).

You can leave the change_request table as is and just modify the ACLs of your new table.

Then only people with this new role will be able to see/use the new table

Mike
* My Collection of ServiceNow Stuff *