How to Provide Read-Only Access to Incidents Without Granting ITIL Role

Kumar54 · 2 weeks ago

Hi Community,

I have a scenario where certain business managers (non-ITIL users) need the ability to view incidents in ServiceNow without being granted the ITIL role. These users:

Do not need to create, update, or assign incidents.
Only require read-only access to specific types of incidents (based on conditions such as assignment group, category, or other filters).
Should be able to view the form details and work notes but not perform any actions.

I’d like to achieve this without modifying the standard incident ACLs tied to ITIL.

I also noticed that:

I don’t see any SNC-internal role available.
The sn_read_only role is also not helpful in this case.

Questions:

What is the recommended way to grant incident read-only access to a custom role (non-ITIL)?
Should I clone the incident ACLs and adjust conditions for the new role?
Is there a better approach (e.g., data policies, UI view restrictions, or reporting-only access) for such use cases?

Appreciate any guidance or best practices from those who’ve implemented a similar requirement.

Dr Atul G- LNG · 2 weeks ago

Hi @Kumar54

The sn_read_only role is also not helpful in this case.

Any reason why?

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

View solution in original post

Kumar54 · 2 weeks ago

I dont see any role like
sn_incident_read
sn_incident_write
in our instance

Nikhil Bajaj9 · 2 weeks ago

Hi @Kumar54 ,

You should install ITSM roles -plugin to instance to see thse roles.

Regards,

Nikhil Bajaj

Please appreciate my efforts, help and support extended to you by clicking on – “Accept as Solution”; button under my answer. It will motivate me to help others as well.
Regards,
Nikhil Bajaj

Dr Atul G- LNG · 2 weeks ago

Hi @Kumar54

It must be available OOTB. If not, as recommended by @Nikhil Bajaj9 , install the ITSM role plugins.

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

Dr Atul G- LNG · a week ago

Hi @Kumar54

Did you install the ITSM role?

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************