Content filtering for playbooks

  • Release version: Zurich
  • Updated July 31, 2025
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Content filtering for playbooks

    Content filtering for playbooks in Workflow Studio enables ServiceNow customers to control which playbook content users can access based on their roles. This ensures users see only relevant and authorized content, improving security and usability by hiding unnecessary or sensitive activities.

    Show full answer Show less

    Key Features

    • Content Definitions: Define types of Workflow Studio resources, such as playbook activity definitions. These can include entire resource sets or be refined using conditions and tags to target specific activities.
    • Content Filtering Rules: Associate user roles with content definitions to specify who can access particular playbook content. These rules govern what activities a user sees and can interact with based on their assigned roles.
    • Role-Based Access Controls: Override filtering by specifying required roles for activity definitions, controlling who can view or modify activities. Only users with the playbook.admin role can edit these required roles fields.
    • Default Settings: By default, two content filtering rules allow users with delegateddeveloper or playbook.activitydefread roles to access all activity definitions, enabling quick setup.
    • Read-Only Playbooks: Users lacking access to certain activities or process definitions see those elements in read-only mode, preventing unauthorized changes while still allowing visibility.

    Practical Application for ServiceNow Customers

    Customers can start using content filtering immediately with default definitions and rules or customize content definitions to restrict access to specific activities (e.g., activities containing "Guided Decision"). By assigning the appropriate roles, administrators ensure users only access relevant activities during playbook creation, enhancing security and user experience.

    Additionally, administrators should assign the playbook.write role (instead of the broader pdauthor role) to grant users access to subsets of activity definitions within a content definition, providing more granular control over content editing permissions.

    Specify which content a user can access based on the user's role.

    Display only content that is relevant for a particular user, hiding content that is unnecessary or sensitive. Specify the Workflow Studio playbook content that you want to control access to and the role that a user must have to access it. For example, if a user with the guided_decision_builder role is creating a playbook, show only a relevant set of activities.

    To implement content filtering, you need:
    • Content definitions to specify types of content.
    • Content filtering rules and roles to determine who can access the content.
    There is one content definition for playbooks by default, the Playbooks - All Activity Definitions content definition. The Playbooks - All Activity Definitions content definition has two content filtering rules by default:
    • (Default) Playbook - Users with delegated_developer role can access all activity definitions
    • (Default) Playbook - Users with playbook.activity_def_read role can access all activity definitions
    This means that users with the roles delegated_developer or playbook.activity_def_read role can access all activity definitions. Get started with content filtering by using default definitions and rules, or create your own.

    Content definitions

    Content definitions specify a type of Workflow Studio resource. Resources are key elements of Workflow Studio components, such as activity definitions for playbooks. Create content definitions to include an entire resource, or use a condition builder to refine your definitions. For example, the content definition for playbook activity definitions includes all activity definitions, but you could create a content definition that includes only the activity definitions that contain Guided Decision in the Name or Package.

    You can further refine content definitions through tagging. Add resource tags to items in a resource list, then design your content definition to only include resources with that tag.

    Content filtering rules

    Content filtering rules specify the role that a user must have to access the content in a particular definition. Each rule associates user roles with a single content definition. When a user accesses Workflow Studio playbooks, content filtering rules determine what activities the user may access based on the user's role.

    Role-based activity definition access

    Manage activity definition access by specifying the Required Roles to access an activity definition. This overrides any content access filtering. To learn more about roles, see Playbooks roles. To learn more about activity definitions, see Activity definitions.


    Required roles field in an activity definition
    Note:
    Both playbook.admin and pd_content_author roles can edit activity definitions, but only the playbook.admin role can edit the Required Roles field.

    Read-only playbooks

    Users have a read-only view of playbooks with:
    • activities they do not have access to,
    • process definitions [sys_pd_process_definition] they don't have write access to.
    Table 1. Access summary
    Resource filtered User has role User does not have role
    Activity Definition
    • The activity definition is visible to select when building a playbook.
    • The activity definition can be copied.
    • The activity definition can be modified.
    • The activity definition is hidden and cannot be selected when building a playbook.
    • Playbooks with the activity definition are read-only.

    Design considerations

    Content definition roles for activity definitions
    Give users access to the subset of activity definitions in a content definition by assigning the playbook.write role, not the pd_author role.