Roles in Service Operations Workspace for ITSM

  • Release version: Xanadu
  • Updated August 1, 2024
  • 2 minutes to read

    • You can configure the user access for Service Operations Workspace (SOW) pages using various roles.

    Table 1. Roles in Service Operations Workspace for ITSM
    Role Description Inherited roles
    itil Provides access to all SOW pages. sn_sow.sow_user
    sn_sow.sow_user Provides access to SOW. By default, the itil role contains the sn_sow.sow_user. In case a user has roles other than itil, ensure that sn_sow.sow_user role is assigned to the user to access SOW. None
    sn_sow.sow_home Provides access to SOW home (landing) page. sn_sow.sow_user
    sn_sow.sow_list Provides access to SOW list pages. sn_sow.sow_user
    admin Provides access to all the pages in SOW including SOW Admin Center.

    A user with this role can perform configurations for all modules in SOW Admin Center.

    		 None
    sn_sow_itsm_admin.sow_admin_user Provides access to SOW Admin Center pages for SOW configuration. A user with this role can perform configurations related to Incident Management only. None
    sn_sow_admin.sow_admin_center_user Enables change managers to access the SOW Admin Center page. Change managers can use configurations for change features like modern change adoption, change models, DevOps change automation, and so on. sn_ace.ace_user
    awa_agent Provides access to inbox in SOW. None
    sn_sow.it_agent_dashboard_user Provides access to IT Agent Dashboard. None
    Incident Management
    sn_incident_read Provides the read access to incident record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_incident_read role can access the SOW home (landing) and list pages.
    sn_incident_write Provides the write access to incident record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_incident_write role can access the SOW home (landing) and list pages.
    incident_manager Manages incident properties, major incident trigger rules, create and edit communication plan definitions. None
    Major Incident Management
    major_incident_manager Promotes, manages, resolves and closes a major incident. ia_admin
    Problem Management
    problem_task_analyst Works on a problem task and manages it through its life cycle. None
    problem_coordinator Works on a problem or problem task and manages it through its life cycle. itil and problem_task_analyst
    problem_manager Responsible for the overall Problem Management process and can configure Problem Management settings, as well as act as a problem coordinator. problem_coordinator
    problem_admin A problem manager who can also delete problems and problem tasks. problem_manager
    sn_problem_read Provides the read access to problem record pages. sn_sow.sow_home and sn_sow.sow_list allow users with the sn_problem_read role to access the SOW home (landing) and list pages.
    sn_problem_write Provides the write access to problem record pages. sn_sow.sow_home and sn_sow.sow_list enable users with the sn_problem_write role to access the SOW home (landing) and list pages.
    Change Management
    sn_change_read Provides the read access to change record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_change_read role can access the SOW home (landing) and list pages.
    sn_change_write Provides the write access to change record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_change_write role can access the SOW home (landing) and list pages.
    change_manager Provides access to configurations related to Change Management in SOW Admin Center.
    • sn_sttrm_attribute_read
    • sn_sttrm_condition_read
    • sn_chg_soc.change_soc_admin
    • personalize_decision_table_input
    • sn_sow_admin.sow_admin_center_user
    • itil
    sn_devops.viewer Provides access to view or add DevOps data to a change request. None
    Request Management
    sn_request_read Provides the read access to request record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_request_read role can access the SOW home (landing) and list pages.
    sn_request_write Provides the write access to request record pages. sn_sow.sow_home and sn_sow.sow_list

    So, users with the sn_request_read role can access the SOW home (landing) and list pages.
    On-call Scheduling
    oc_read Provides the read access to Schedules page.

    Users with the oc_read role can access the On-call Schedules, Experts On-call, Escalation Tracking, and other On-call features in Service Operations Workspace.
    Password Reset
    password_reset_service_desk Resets passwords on behalf of users, tracks password reset requests, and views logs. None