Impersonate in HR Service Delivery

giuseppem
Kilo Sage

‎06-07-2018 11:31 AM

Hi

In my instance I have a user with HR roles and Impersonate role. When this user Impersonate a user with Itil and HR roles, it's possible to access to ITSM applications and modules (Incident, Change, Problem, etc) but hr applications and module (Case, Task) are not visible.

How Impersonate work in HR Service Delivery "scope" application? Impersonate is available in hr?

Thanks

 

 

Labels:
0 Helpfuls
  • 1,495 Views
2 REPLIES 2

sachin_namjoshi
Kilo Patron
Kilo Patron

‎06-07-2018 11:39 AM

Impersonation works in similar way for any table in service now.

There must be ACL on hr tables which is restricting users access to hr tables.

Please check ACLs, module level role access for HR.

Regards,

Sachin

0 Helpfuls

bryan_strasburg
Mega Guru

‎06-07-2018 12:42 PM

The HR application uses scripted ACLs that check for impersonation.

Here is an example:

find_real_file.png

There is a system property that activates this functionality:

"If true, ACLs check if the user is being impersonated"

Which we advise clients to always have set to "true" on Production instances, or any live instance with real data.

An HR user can be impersonated, but data controlled in this way (HR Profile, HR Case Data) will not be accessible.

Preview file
20 KB