Is there an user role to grant read-only access to ServiceNow?

jesusemelendezm
Mega Guru

Hi everyone,

 

What if you need to grant read only access for audit purposes to a team or an user? How do you do it?

 

Thank you.

1 ACCEPTED SOLUTION

Kirk2
Giga Contributor

Ben Hollifield created a Auditor Role process and uploaded it to the share site.


URL is ServiceNow Share



His script does the following:



Auditor is a new role in your instance that can be assigned to users to effectively provide read-only access to records in ServiceNow.



Notes:


-Read only access is achieved in 2 ways:


---A global 'list-edit' access control to disable list editing for all tables


---A global client script to make all form fields read-only, disable form buttons, disable the context menu, and disable related links


-Faulty client scripts on a form can cause the above client script to fail, thus disabling read-only functionality.


-The 'auditor' role piggy-backs on existing roles to provide visibility to records. It initially inherits the 'itil' role to provide standard process user visibility. Assign additional roles to the 'auditor' role in order to increase visibility.


-The 'admin' role overrides all created functionality.



*Creates all new entities within ServiceNow. No baseline tables or scripts are affected.



He also included an XML file that can be imported as an update set into your instance.


We installed this and it works OOB with only a couple small modification for our environment.


Cheers


Kirk


View solution in original post

5 REPLIES 5

Jogen
Tera Expert

You want to create a user who can just access the ServiceNow??


zheil
Mega Expert

Hi Jesus E. Melendez M.



There is no such role. We had the same issue and the only solution for that was to set up a new read-only user role for audit purposes, and to set up ACL rules specific to that role. It was a time consuming process, there were numerous issues with the visibility and read-only status of fields, list views, UI actions, related lists and attachments. So if you would like to set up read-only roles that will need careful planning.


harikrish_v
Mega Guru

Hi Jesus,



You can take a look at this thread:-



https://community.servicenow.com/thread/161151



Thanks & Regards,


Hari


Kirk2
Giga Contributor

Ben Hollifield created a Auditor Role process and uploaded it to the share site.


URL is ServiceNow Share



His script does the following:



Auditor is a new role in your instance that can be assigned to users to effectively provide read-only access to records in ServiceNow.



Notes:


-Read only access is achieved in 2 ways:


---A global 'list-edit' access control to disable list editing for all tables


---A global client script to make all form fields read-only, disable form buttons, disable the context menu, and disable related links


-Faulty client scripts on a form can cause the above client script to fail, thus disabling read-only functionality.


-The 'auditor' role piggy-backs on existing roles to provide visibility to records. It initially inherits the 'itil' role to provide standard process user visibility. Assign additional roles to the 'auditor' role in order to increase visibility.


-The 'admin' role overrides all created functionality.



*Creates all new entities within ServiceNow. No baseline tables or scripts are affected.



He also included an XML file that can be imported as an update set into your instance.


We installed this and it works OOB with only a couple small modification for our environment.


Cheers


Kirk