Configure client session access role

  • Release version: Australia
  • Updated March 12, 2026
  • 1 minute to read

    • The Embedded Session Role Configuration (Client Access Role configuration) record is created by default, which included removal of admin and security admin roles (high privilege roles) for the users using the UI components on the third-party portals.

    Before you begin

    Role required: admin

    Procedure

    1. Navigate to All > Client Access > Client Access Role Configurations.
    2. Select Embedded Session Role Configuration.
      Embedded Session
      Note:
      The Embedded Session Role Configuration record is created by default to remove admin and security admin roles (high privilege roles) for the users for the embedded session.

      The details for the configuration is displayed. By default, the configuration ensures that high privilege roles such as admin and security_admin are removed in the Embedded Session.

      Configuration record

      You can add more users to the list based on your requirement.

    3. Use the information icon to open the policy.
      The policy (Remove high privilege roles Policy) has the following details:
      • Policy Inputs: Embedded Session- the user-specific filter criteria that is used to remove the configured roles.Policy input record
      • Policy Conditions: Remove high privilege roles in Embedded Session- the condition validates to true to remove the high privilege roles that are added for the configuration.Condition set to true

      When the user is accessing the ServiceNow components in the third-party portal, based the above configurations, high- privilege roles are removed for that embedded session.

      You can also add more roles that needs to be removed to this Embedded Session Role Configuration record.