You are here: Application Administration > People > Roles

Roles

Service Management has built-in roles that are based on industry best practice recommendations. Large companies might have several people assigned to the same role. Smaller organizations might have multiple roles assigned to one person. Maintaining a role-based view of the organization makes sure that you adhere to the best practice model no matter who is assigned to the role or how you divide the responsibilities associated with the role. For example, if your company is large, you may have separate process designers and process owners assigned to each module. A smaller company might assign both roles to one person for each module.

Permissions are controls within applications. When assigned, they enable you to complete certain Service Management tasks, such as adding update information to a record. Permissions are an administrative strategy to control access to records and limit the number of people who can view, create, update, or delete records. Permissions to view particular data domains limit your ability to view only records that are tagged with those domains. For more information, see Data domain segmentation.

If you have development and production tenants, all configuration changes must be made on the development tenant. For more information about synchronizing the tenants, see Dev2Prod - How to synchronize your development and production tenants.

ClosedHow to create a role

Service Management provides a robust set of roles that map to ITIL best practice recommendations. You can create new roles to meet the needs of your organization. After you create a new role, you can assign permissions to the role.

  1. From the main menu, select Administration > Master Data > People > Roles.

  2. Click Add icon Add at the top of the left pane.
  3. Type a Name in the New role dialog box.
  4. Click OK or Add another. Service Management confirms that the new role is saved.

The new role has no default permissions. Your next step is to update the role with the specific permissions that you want the role assignee to have.

ClosedHow to edit role permissions

New roles have no initial permissions. After you add a new role, you must assign specific permissions that are appropriate to the role. Occasionally, you might need to edit existing roles by changing existing permissions.

To update role permissions:

  1. From the main menu, select Administration > Master Data > People > Roles.

  2. If necessary, expand any of the following sections to assign or change permissions.

    • General

      Permission Description
      Log into the application Login rights are the lowest level of permission granted.
      Access to application administration modules Permission to view administrative areas.
      Encryption domain administrator Permission to create encryption domains.
      Permission to create public reports Create public dashboard reports and charts.
      Permission to create public favorite views Save searches as public views and favorites.

    • Security

      To add authorization to access records in all data domains, select the View all data domains check box.

      To add authorization to access records in specific data domains, click inside the text box and select the data domains that you want to include.

      Note To delete a specific data domain from the list, click .

      If a role that you are updating has permission to view all data domains and you want to change the permissions to view only specific data domains, first deselect the View all data domains check box and then select the specific data domains that you want to assign.

      To grant permission to clear data from encrypted fields, select Permission to clear encrypted data.

    • Record Type

      Permission Description
      View Enables you to view records of the selected record type.
      Delete Enables you to delete records of the selected record type.
      Update Enables you to update records of the selected record type in the grid.
      Admin Enables you to update the selected record type in the records module.
      Create Enables you to create records of the selected record type.
      Comments Enables you to edit or delete any existing comments on records of the selected record type.

      • To add permission to access a certain type of record:

        1. Click Add.

        2. Choose the record type from the list, and select the relevant permissions.

        3. Click OK. The new record type permission is displayed in the Record Type list.

      • To remove a record type permission:

        • Choose the record type from the list, and clear the relevant permission.

    • Resources

      Permission Description
      Create Enables you to create resources.
      Delete Enables you to delete resources.
      View Enables you to view resources.
      Update Enables you to update resources.

      • To add permission to access a resource:

        1. Click Add.

        2. Choose the resource from the list, and select the relevant permissions.

        3. Click OK. The new resource permission is displayed in the Resources list.

      • To remove a resource permission:

        • Choose the resource from the list, and clear the relevant permission.

    • Knowledge Management

      Permission Description
      Import articles Retrieve articles from external sources.
      Publish articles to the Service Portal Enable self-service users to access knowledge articles.
      Update articles that are currently published in the Service Portal Make changes to published articles.
      Hide articles that are currently published in the Service Portal Remove published articles.

    • Questions & Answers

      Permission Description
      Ask questions Enables a Service Portal user to post questions in the portal. For more information, see How to authorize knowledge handling in the Service Portal.
      Answer questions Enables a Service Portal user to respond to questions posted in the portal. For more information, see How to authorize knowledge handling in the Service Portal.
      Moderate user questions and answers Enables the Knowledge Contributor, Knowledge Publisher, or Knowledge Administrator to respond to questions posted in the Service Portal, and to review answers for relevance or accuracy. For more information, see How to moderate Q&A.

    • Live Support

      Permission Description
      Be able to request chat support In the Service Portal, only a user with this permission can request an online chat. This applies in cases where chat support is otherwise available through the chosen offering. If a user does not have this permission, the request chat option is not displayed.

    • On-Call Schedule

      Permission Description
      Be able to access on-call schedule Only a user with this permission can view On-Call Schedule Management. If a user does not have this permission, the feature is not displayed.

    • Change Management

      Permission Description
      Can create emergency change Only a user with this permission can initiate an emergency change.

    • Service Portal administration

      Permission Description
      Customize the look and feel of the Service Portal Only a user with this permission can change the Service Portal.

    • Approvals

      Permission Description
      Override approvals of

      Grant permission to override approvals for the following record types:

      • Request
      • Change
      • Article
      • Idea
      • Proposal
      • Release

    • Service Asset and Configuration Management (SACM)

      Permission Description
      Administrator Grant Service Asset and Configuration Management administration rights to the selected role.
      Advanced import Only a user with this permission can implement the advanced record import method.
      Allows view service modeling Only a user with this permission can view the Service Modeling link if the Service Management belongs to a suite SSO enabled account.

    • On-Premise Bridge

      Permission Description
      Administrator Grant On-Premise Bridge administration rights to the selected role.

      You can grant or remove access rights to complete endpoint tasks.

      Endpoint Description
      UCMDB 10.20 and later Access the Universal Configuration Management Database (UCMDB) repository.
      Knowledge Indexing Submit knowledge articles for indexing to make them easily accessible to Service Portal end users.
      Email Integration Access the Service Portal via email, without logging in.
      Rest Executor 1.0 Access the REST API.
      Operations Orchestration 10.02 and later Integrate with Operations Orchestration.
      PPM Outbound Integration

      Send Service Management ideas and proposals to Project and Portfolio Management (PPM).
      PPM Optimization Solver Optimize scenarios in the Project and Program Management module.
      LDAP Integration Access an LDAP server.

    • Analysis

      Permission Description
      Enable management of Hot Topic Analytics Grant permission to manage the stop list in Hot Topic Analytics.

  3. Click Save icon Save on the toolbar.

ClosedHow to assign a role to a user

You can assign one or more roles to a user in Service Management.

  1. From the main menu, select Administration > Master Data > People.

  2. Select the user to whom you want to assign a role.

    You can filter the list by clicking the Add filter Filter by icon button, selecting Name, and typing the name of the user, or part thereof. Click the record identifier in the ID column to display the selected record.

  3. Click in the Role field under System use definitions. Service Management displays a list of available roles.

  4. Select one or more roles to assign to the user.

  5. Click Save icon Save on the toolbar.

ClosedHow to unassign a role from a user

You can selectively remove any role from any user.

  1. From the main menu, select Administration > Master Data > People.

  2. Click Add filter Filter by icon, select the Name field, and type the name of the user. Click the record identifier in the ID column to display the selected record.

  3. Click in the Role field under System use definitions. For any role that appears in the field, click Delete to remove that role.

  4. If necessary, repeat the previous step to unassign other roles.

  5. Click Save icon Save on the toolbar.

Related Topics Link IconRelated Topics