Configuring user access and data permissions for AI agents
Configure the security controls to specify the users who can discover or use the agentic workflow, and provide data permissions for AI agents.
Role masking enables users to limit the roles and privileges of AI agents during tool execution. AI agents that get installed with Now Assist applications are assigned pre-defined roles. If you select Users with specific roles for user access, you must configure the security controls to include these roles. Data access settings must also include these roles. For the instructions to change the security controls, see Define security controls for an AI agent.
- sn_cm_gen_ai.ai_contract_fulfiller
- sn_lg_cnt.contract_fulfiller
- sn_lg_ops.request_fulfiller
- sn_cm_core.contract_fulfiller
- contract_manager
- sn_lg_cnt.contract_owner
- sn_cm_obligation.obligation_fulfiller
- Navigate to
- Select the AI agents tab.
- Open the AI agent for which you want to configure the security controls.
- In the guided setup, navigate to Define security controls to define the security access.
- In the Define user access tab, add the user roles who can discover or invoke the AI agent.
- In the Define data access tab, add the user roles to define which roles the AI agent uses to access data during its execution.
This configuration controls what information the AI agent can read, update, or share, based on the permissions of the selected roles.
For more information on configuring the security controls, see Define security controls for an AI agent.