Configuring user access and data permissions for agentic workflows
Configure the security controls to specify the users who can discover or use the agentic workflow, and provide data permissions for the agentic workflow.
Agentic workflows and their AI agents use role masking to determine which users can access them. Ones installed with Now Assist applications have specific roles that come included with the application. If you select Users with specific roles for user access, you must configure the security controls to include these roles. For the instructions to change the security controls, see Define security controls for an agentic workflow.
- sn_cm_gen_ai.ai_contract_fulfiller
- sn_lg_cnt.contract_fulfiller
- sn_lg_ops.request_fulfiller
- sn_cm_core.contract_fulfiller
- contract_manager
- sn_lg_cnt.contract_owner
- sn_cm_obligation.obligation_fulfiller
- Navigate to
- Select the Agentic workflows tab.
- Open the agentic workflow for which you want to configure the security controls.
- In the guided setup, navigate to Define security controls to define the security access.
- In the Define user access tab, add the user roles who can discover or invoke the agentic workflow.
- In the Define data access tab, add the user roles to define which roles the agentic workflow uses to access data during its execution.
This configuration controls what information the agentic workflow can read, update, or share, based on the permissions of the selected roles.
For more information on configuring the security controls, see Define security controls for an agentic workflow.