Configure AES personas and roles

  • Release version: Australia
  • Updated June 2, 2026
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Configure AES personas and roles

    In App Engine Studio (AES), staff responsibilities are managed through assigned roles rather than explicit personas. These roles grant permissions to configure or use AES, enabling different team members to participate in app development according to their skills and responsibilities.

    Show full answer Show less

    Key Roles and Their Responsibilities

    • Low-code/Citizen Developer: Tech-savvy users who can submit app ideas and build apps in AES without formal coding training. They develop, test, and maintain applications and submit them for IT review.
    • App Engine Studio Admin: Manages app development workflows, reviews app requests, provisions user access, oversees deployment and promotion of applications, manages testing and scans, and resolves platform conflicts.
    • App Template Admin: Controls access to predefined and custom app templates, manages template activation, and shares templates with users or groups.
    • App Template Author: Creates and edits custom app templates within AES and shares them with users or groups.
    • Security Admin: Responsible for creating and modifying roles and access control lists at the platform level, essential for updating AES roles.
    • System Administrator: Has full access to system features including AES installation, configuration, upgrades, environment definitions, pipeline setups, and defining governance guardrails. Collaborates with developers and AES admins to resolve conflicts and manage security.
    • Professional ServiceNow Developer: Works primarily in ServiceNow Studio but collaborates with citizen developers in AES to ensure best practices, assist with complex app configurations, testing, and platform scan definitions.
    • Granular Admin Roles:
      • AES Admin: Provides administrative access to AES features and tables.
      • Collaboration Request Admin: Manages collaboration-related tables and requests.
      • Table Builder Wizard Admin: Controls permissions for table creation in AES.

      Note: Granular admin roles do not manage tables dependent on ServiceNow AI Platform tables; additional roles are required for those.

    Practical Use for ServiceNow Customers

    Assigning appropriate roles based on these personas allows organizations to efficiently manage app development and governance within AES. By leveraging these roles, customers can:

    • Enable citizen developers to contribute to app creation while maintaining oversight through admins and professional developers.
    • Ensure security and compliance by delegating role and access control management to security admins.
    • Streamline app lifecycle management including development, review, deployment, and maintenance.
    • Customize app templates to accelerate development while controlling template access.
    • Maintain system integrity and conflict resolution through collaboration between system administrators and developers.

    Understanding and applying these role assignments helps ServiceNow customers optimize collaboration, security, and productivity in their AES environment.

    The responsibilities of your staff are controlled by roles assigned to each member. Personas aren’t explicitly part of App Engine Studio (AES) but administrators assign roles to give team members permission to configure or use AES.

    Low-code/citizen developer
    Low-code/citizen developers are tech savvy and interested in creating apps. Though they might not have formal coding or app development training, citizen developers can submit ideas for new apps and, if approved, build them using AES.
    App Engine Studio admin
    App Engine Studio admins manage all processes related to app development in AES. They review new app ideas, manage app development and deployment, and manage collaborators, usually in the App Engine Management Center.
    App template admin
    The app template admin makes sure that the right people have access to appropriate predefined and custom templates for app development in App Engine Studio.
    App template author
    The app template author creates and edits custom app templates in App Engine Studio and can share them with other users or groups.
    Security admin
    The security admin creates and modifies roles and access control lists for apps. This role is set on the platform level, and it is required for making updates to roles in App Engine Studio.
    System administrator
    The system administrator has access to all system features, functions, and data, regardless of security constraints. Grant this privilege carefully. If you have sensitive information, such as HR records, that you must protect, create a custom admin role for that area and train a person who is authorized to see those records to act as the administrator.
    Professional ServiceNow developer
    Professional ServiceNow developers can work in App Engine Studio, usually as collaborators with citizen developers. Because of their coding knowledge and development background, though, they're more likely to build and customize apps on the ServiceNow AI Platform, using more complex building tools.
    Table 1. Personas for AES
    Persona Roles required Responsibilities
    Low-code/citizen developer App Engine Studio Users group (sn_app_eng_studio.user)
    • Submit requests for new custom applications to build in App Engine Studio.
    • Understand ServiceNow and application development best practices.
    • Build and test applications in App Engine Studio.
    • Submit App Engine Studio applications for IT review.
    • Maintain and change the application during its life cycle if determined during the intake process.

    App Engine Studio User Limited group (sn_app_eng_studio.user)
    • Collaborate with other users on applications they've been given permission to see.
    • Submit App Engine Studio applications for IT review.
    • Understand ServiceNow and application development best practices.
    Note:
    Users in the App Engine Studio User Limited group can't create new apps.
    App Engine Studio admin group
    • atf_test_designer
    • scan_admin
    • app_engine_admin
    • sn_app_eng_studio.admin
    • sn_collab_request.collab_request_admin
    • sn_table_bldr_wzd.table_bldr_wzd_admin
    • Manage App Engine Studio processes and properties.
    • Review and approve/reject submitted application requests based on intake guardrails defined by the system administrator.
    • Provision App Engine Studio user access.
    • Review submitted App Engine Studio applications.
    • Manage deployment requests.
    • Manage promotion of App Engine Studio applications across instances.
    • Execute ATF tests/suites in testing instances.
    • Ensure instance scans run with proper definitions.
    • Collaborate with the system administrator to resolve application conflicts that arise on the platform.
    App template admin app_template_admin
    • Control access to custom and predefined templates.
    • Activate and deactivate templates.
    • Share templates globally or with users and groups.
    App template author app_template_author
    • Create and edit custom templates in App Engine Studio.
    • Share custom templates with users or groups.
    Security admin security_admin
    • Create and modify roles and access control lists.
    • Required for making updates to roles in App Engine Studio.
    System administrator Admin
    • Install and configure App Engine Studio and its dependent apps.
    • Define environments.
    • Configure pipelines.
    • Provision access to the App Engine Studio administrator group.
    • Upgrade the App Engine Studio application, when applicable.
    • Define guardrails for which AES administrators can approve or reject application intake requests.
    • Collaborate with professional ServiceNow developers to create instance scan definitions for the platform.
    • Collaborate with AES administrators to resolve application conflicts that arise on the platform.
    Professional ServiceNow developer
    • atf_test_admin
    • delegated_developer
    • scan_admin
    • sn_app_eng_studio.user
    • sn_collab_request.collab_request_admin
    • Build and test applications in ServiceNow Studio and App Engine Studio
    • Collaborate with citizen developers on an as-needed basis to deliver applications in App Engine Studio, including the following tasks:
      • Ensuring application development and organizational best practices are followed by citizen developers.
      • Helping with review and testing of submitted App Engine Studio applications.
      • Building complex configurations involving UI Builder, Mobile App Builder, Workflow Studio, or other builder tools.
    • Create ATF tests/suites for applications.
    • Collaborate with a system administrator to create instance scan definitions for the platform.
    AES admin sn_app_eng_studio.admin Granular admin role that provides access to App Engine Studio and enables administrative access to AES tables. Can be combined with other granular admin roles or delegated development for additional permissions. For more information about granular admin roles, see Platform security granular admin roles.
    Collaboration request admin sn_collab_request.collaboration_request_admin Granular admin role that provides administrative access to collaboration tables.
    AES Table Builder Wizard admin sn_table_bldr_wzd.table_bldr_wzd_admin Granular admin role that provides access to manage permissions during table creation in AES.
    Important:
    Granular admin roles cannot manage tables that depend on ServiceNow AI Platform tables, such as the Experience Visibility Control table (sn_udc_experience_visibility_control) or Preferred Tables (sn_preferred_table). To manage such tables, additional granular admin roles are necessary. For more information, see Platform security granular admin roles.