Define security controls for an agentic workflow

  • Release version: Australia
  • Updated November 23, 2025
  • 3 minutes to read

    • In the guided setup for an agentic workflow, define security controls for who can access the agentic workflow and what data the agentic workflow has access to.

    Before you begin

    Role required: sn_aia.admin

    About this task

    The Define security controls step is divided into two parts: Define user access and Define data access. The former creates an access control list (ACL) that determines which users can discover or invoke the agentic workflow. The latter defines the data that the agentic workflow has access to once it’s invoked.

    See Security for AI agents for more information about creating ACLs and user identities for security for agentic workflows.

    Procedure

    1. Select which users can access the agentic workflow.

      The drop-down menu options are:

      • Users with specified roles
      • Authenticated users
      • Public

      If you select Users with specified roles, you can select exactly which roles can access the agentic workflow. Agentic workflows installed with Now Assist applications and their AI agents might require you to include specific roles. To learn which roles they need, consult the documentation for the AI agent or the agentic workflow that uses the AI agent.

      Define user access for an agentic workflow

    2. Select Save and continue to move to the next step.

      Saving and moving onto the next step triggers the creation of an ACL for your agentic workflow. If you want to make changes later, you can return to the guided setup and change the options here. If you have the correct elevated role, you can also make edits directly on the ACL table.

    3. Define the user identity of the agentic workflow to determine what data it has access to.

      The two options are Dynamic user and AI user. The dynamic user is the user invoking the agentic workflow. An AI user is a dedicated user that has its own specified roles that allow access, which could be more than the dynamic user.

      If you do not have an AI user but want to use the AI user identity, you need to create a new record on the User table. See Create a user. Select AI user as the identity type.

      If you select Dynamic user, you can select the Approved roles that the AI agent runs with. By default, an AI agent runs as a dynamic user and has the roles of the invoking user. Select the approved roles to limit the data access that an AI agent could have. Role masking must be applied for all AI agents and agentic workflows set to run as dynamic users.

      To override the role masking requirement for a specific agentic workflow or AI agent, admins with the correct elevated access can create an approved list of roles for a given agentic workflow or AI agent. Then, they can access that role masking record in the Agent Access Role Configurations table [sys_agent_access_role_configuration], and select the “allow all roles” check box. Taking these steps deactivates the requirement for a role masking approved roles list in AI Agent Studio, so the AI admin can return to AI Agent Studio and continue to configure the agentic workflow or AI agent without role masking applied.
      Note:
      Role masking should be applied as security best practice and adherence to the principle of least privilege. Overriding the role masking requirement isn’t recommended.

      If you select AI user, the list of roles that the AI user has is displayed.

      Define data access for an agentic workflow

    Result

    You have created an ACL that determines who can discover and access your agentic workflow, and you have assigned a user identity (and role masking, if relevant) to the agentic workflow to determine what data it can access.

    What to do next

    Select Save and continue to move to the next step, Adding a trigger. Adding a trigger is optional. You can also skip to the final step, Select channels and access.