Create an allowlist configuration

  • Release version: Zurich
  • Updated July 1, 2026
  • 1 minute to read
  • Manage access to specific tables by specifying the additional user roles necessary to create an intelligent approval on a specific table.

    Before you begin

    Role required: sn_iap.policy_admin

    About this task

    By default, the sn_iap.policy_manager role grants intelligent approvals access to all tables. If you want to prevent policy manager users from creating intelligent approvals on specific tables, you can create an allowlist configuration to require the sn_iap.policy_admin user role instead.

    Procedure

    1. Navigate to All > Intelligent Approvals > Allowlist Configurations.
    2. From the list controls, select New.
    3. Specify the configuration details.

      Sample allowlist configuration details

      Field Description
      Description Summary of the table or roles needed to grant access to intelligent approvals.
      Role User role needed to grant intelligent approvals access to the specified table. For example, select sn_iap.policy_admin to prevent users who only have the sn_iap.policy_manager role from creating intelligent approvals for a specific table.
      Active Option to enable or disable the allowlist configuration.
      Table Name Table that you want to control access to using the specified user role. For example, select change_request to require the specified user role to access the Change Request table.
      Condition Query string used to determine when to apply the allowlist configuration. By default this field is read-only.
    4. Select Submit.
      Sample allowlist configuration to restrict access to the Change Request table to policy admin users

    Result

    Error message when creating intelligent approval

    Only users with the specified user role (usually sn_iap.policy_admin) can create intelligent approvals on the specified table. Users without the required role see an error message when they attempt to create an intelligent approval on an access-restricted table.