Roles in Service Operations Workspace for ITSM

  • 릴리스 버전: Australia
  • 업데이트 날짜 2026년 03월 12일
  • 소요 시간: 14분

    • You can configure the user access for Service Operations Workspace (SOW) pages using various roles.

    주:
    You must install and activate the ITSM Roles plugin (com.snc.itsm.roles) to correctly utilize all the SOW user roles including the granular admin roles.
    표 1. Roles in Service Operations Workspace for ITSM
    Role Description Inherited roles
    itil Provides access to all SOW pages. sn_sow.sow_user
    sn_sow.sow_user Provides access to SOW. By default, the itil role contains the sn_sow.sow_user. In case a user has roles other than itil, ensure that sn_sow.sow_user role is assigned to the user to access SOW. None
    sn_sow.sow_home Provides access to SOW home (landing) page. sn_sow.sow_user
    sn_sow.sow_list Provides access to SOW list pages. sn_sow.sow_user
    admin Provides access to all the pages in SOW including SOW Admin Center.

    A user with this role can perform configurations for all modules in SOW Admin Center.

    		 None
    sn_sow_itsm_admin_sow_admin_user Provides access to the ITSM section of the Admin Center for SOW configuration. sn_sow_admin_sow_admin_center_user
    sn_sow_admin_sow_admin_center_user Provides access to the Admin Center pages. sn_ace.ace_user
    awa_agent Provides access to inbox in SOW. None
    sn_sow.it_agent_dashboard_user Provides access to IT Agent Dashboard. None
    sn_sow_admin.sn_sow_admin Provides access to the SOW Admin Center page for configurations. Admins can use the role to configure SOW features and maintain organizational policies.
    주:
    To configure SOW features, you also require additional roles along with the SOW admin role to access specific sections and pages in SOW admin center. For more information, see Additional roles for SOW admin.
    • sn_sow_inc.sn_incident_sow_admin
    • sn_sow_problem.sn_problem_sow_admin
    • sn_sow_chg.sn_change_sow_admin
    • sn_sow_mim.sn_mim_sow_admin
    • sn_sow_interaction.sn_interaction_sow_admin
    • sn_sow_collab.sn_collab_sow_admin
    • sn_sow_srm.srm_admin
    • sn_sow_on_call.sn_on_call_sow_admin
    Service desk agent

    [sn_service_desk_agent]

    		 Enables gathering, and verifying information, as well as delivering quick resolutions for tier 1 service desk agents. This user role is available when the ITSM Roles plugin (com.snc.itsm.roles) is installed.
    • sn_incident_write
    • sn_problem_write
    • sn_change_write
    • sn_request_write
    • tracked_file_reader
    With the installation of the ITSM Gen AI (com.sn.itsm.gen.ai) plugin, the following roles are also assigned:
    • knowledge_user
    • now_assist_panel_user
    Incident Management
    sn_incident_read Provides the read access to incident record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_incident_read role can access the SOW home (landing) and list pages.
    sn_incident_write Provides the write access to incident record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_incident_write role can access the SOW home (landing) and list pages.
    incident_manager

    (Existing role with added responsibilities)
    • Manages incident properties and major incident trigger rules.
    • Can create and edit Communication Plan Definitions.
    		 itil
    sn_sow_inc.sn_incident_sow_admin Provides access to SOW Admin Center for configurations related to Incident Management features.
    • sn_incident_write
    • sn_sow_itsm_admin_sow_admin_user
    sn_incident_admin Configures all Incident Management features including incident management properties.
    • incident_manager
    • sn_sow_inc.sn_incident_sow_admin
    • sn_bm_client_benchmark_data_viewer
    Major Incident Management
    major_incident_manager A major incident manager can:
    • Initiate the major incident process by assessing and approving major incident candidates or creating a major incident.
    • Reject a major incident candidate.
    • Demote a major incident after it is accepted so that the incident can be handled as a regular incident.
    • Maintain the ownership and accountability for the life cycle of the incident.
    • Identifies the users and groups to be involved in the resolution activities.
    • Creates adhoc communication plans and tasks.
    • Edits a communication plan that is attached to a major incident.
    • Close a major incident.

    This role inherits the ia_admin role.
    communication_manager
    • Manages communications for major incidents and is responsible for communicating with all stakeholders.
    • Creates adhoc communication plans and tasks.
    • Edits a communication plan that is attached to a major incident.
    		 This role inherits the ia_admin role.
    sn_sow_mim.sn_mim_sow_admin Provides access to the SOW Admin Center pages for configurations related to MIM features.
    However, to perform configuration of the following MIM features from Admin Center, along with sn_mim_sow_admin role, you must also have additional role that provides access to the specific table where you want to configure:
    • MIM Trigger rules - incident_manager or major_incident_manager
    • Configure email - mail_client_template_read
    • Configure SMS - notify_admin or notify_view
    • Communication plans - sn_comm_management.comm_plan_viewer

    In case, you do not have the relevant additional role, you still can access the Major Incident Management (MIM) configuration section of the Admin Center but the Configure option is not enabled and you cannot configure the specific MIM feature.

    		 sow_admin_user
    sn_mim_admin Configure all Major Incident Management features including major incident properties and trigger rules.
    • mim_manager
    • sn_iam_admin
    • sn_sow_mim.sn_mim_sow_admin
    Problem Management
    problem_task_analyst Works on a problem task and manages it through its life cycle. None
    problem_coordinator Works on a problem or problem task and manages it through its life cycle. itil and problem_task_analyst
    problem_manager Responsible for the overall Problem Management process and can configure Problem Management settings, as well as act as a problem coordinator. problem_coordinator
    problem_admin A problem manager who can also delete problems and problem tasks. problem_manager
    sn_problem_read Provides the read access to problem record pages. sn_sow.sow_home and sn_sow.sow_list allow users with the sn_problem_read role to access the SOW home (landing) and list pages.
    sn_problem_write Provides the write access to problem record pages. sn_sow.sow_home and sn_sow.sow_list enable users with the sn_problem_write role to access the SOW home (landing) and list pages.
    sn_sow_problem.sn_problem_sow_admin Provides access to the SOW Admin Center pages for Problem Management configurations. sn_problem_write
    Change Management
    sn_change_read Provides the read access to change record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_change_read role can access the SOW home (landing) and list pages.
    sn_change_write Provides the write access to change record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_change_write role can access the SOW home (landing) and list pages.
    change_manager Provides access to configurations related to Change Management in SOW Admin Center.
    • sn_sttrm_attribute_read
    • sn_sttrm_condition_read
    • sn_chg_soc.change_soc_admin
    • personalize_decision_table_input
    • sn_sow_admin.sow_admin_center_user
    • itil
    sn_devops.viewer Provides access to view or add DevOps data to a change request. None
    Request Management
    sn_request_read Provides the read access to request record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_request_read role can access the SOW home (landing) and list pages.
    sn_request_write Provides the write access to request record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_request_read role can access the SOW home (landing) and list pages.
    On-call Scheduling
    oc_read Provides the read access to Schedules page.

    Users with the oc_read role can access the On-call Schedules, Experts On-call, Escalation Tracking, and other On-call features in Service Operations Workspace.
    rota_admin Provides access to Teams, Schedules, and Home pages in SOW. By default, for a user with this role, the Teams page is displayed.
    주:
    The sn_on_call_admin role, which configures all on-call schedule features including its properties and trigger rules, contains the rota_admin role.
    • sn_sow.sow_home
    • oc_read
    sn_sow_on_call.sn_on_call_sow_admin Provides access to the SOW Admin Center pages for on-call configurations.
    주:
    The sn_on_call_admin role, which configures all on-call schedule features including its properties and trigger rules, contains the sn_sow_on_call.sn_on_call_sow_admin role.
    • sn_sow_itsm_admin.sow_admin_user
    • sn_help_setup_player