Restricted itil role

Menalik
Tera Contributor

Requirements:

Callers/Requestors can view and update their ticket State as if they are itil users. Either in SOW or platform view. No other access should be granted.

 

Steps taken:

- Created iti_restricted role.

- Compared permissions from itil and added a few to itil_restricted.

- Added role to a user to test.

 

When impersonating the user, they can only access the employee portal. Nothing on the platform side. Is there something additional that I have to add to the role so they have access to the SOW?

8 REPLIES 8

Shivalika
Mega Sage

Hello @Menalik 

 

Did you grant them "sn_sow.sow_home" access ? 

 

Kindly mark my answer as helpful and accept solution if it helped you in anyway. This will help me be recognized for the efforts and also move this questions from unsolved to solved bucket. 

 

Regards,

 

Shivalika 

 

My LinkedIn - https://www.linkedin.com/in/shivalika-gupta-540346194

 

My youtube - https://youtube.com/playlist?list=PLsHuNzTdkE5Cn4PyS7HdV0Vg8JsfdgQlA&si=0WynLcOwNeEISQCY

I did not. After adding it, their account was still not able to access the SOW.

Hello @Menalik 

 

Can you show the list of read ACLs you granted with this role ? 

 

Kindly mark my answer as helpful and accept solution if it helped you in anyway. This will help me be recognized for the efforts and also move this questions from unsolved to solved bucket. 

 

Regards,

 

Shivalika 

 

My LinkedIn - https://www.linkedin.com/in/shivalika-gupta-540346194

 

My youtube - https://youtube.com/playlist?list=PLsHuNzTdkE5Cn4PyS7HdV0Vg8JsfdgQlA&si=0WynLcOwNeEISQCY

Dr Atul G- LNG
Tera Patron
Tera Patron

Hi @Menalik 

 

To access the workspace, a user must have the WS role: sn_sow.sow_home.

 

Callers/Requestors can view and update their ticket State as if they are itil users. Either in SOW or platform view. No other access should be granted.

Atul:I doubt this is correct. The reason is that if the caller has the ITIL role, it means they can see other tickets as part of their groups and work on them as well. Your statement contradicts this. As an ITIL user and a member of five groups, I can work on an incident assigned to me, even if I am not the caller of that incident. Please reconsider this aspect.

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************