Administer > Administer Service Management > Data domain segmentation

Data domain segmentation

Data domain segmentation in Service Management provides the ability to restrict the visibility of specific records and actions (such as tasks and approvals) to specific people, roles, or groups. Data domain segmentation is composed of two parts:

  • Assignment of permissions to view particular data domains to a person, role, or group.

    The automatic assignment of permissions to view a specific data domain is best done by selecting a Primary data domain for a group or user. For more information, see How to assign a Primary data domain to a group or user. The user with Tenant Admin role is authorized for all data domains.

  • Assignment of data domains to records.

    The automatic assignment of data domains to records as a result of out-of-the-box business rules running in Service Management is the recommended best practice. Data domains can also be assigned to records manually in specific instances, but this is not recommended as maintenance and automation become much more complicated.

A record must have at least one data domain assigned to it. The Public data domain, enabling access to all data domains, is provided out-of-the-box by Service Management and is automatically assigned when a record is created, if no other data domain is obtained automatically or selected manually.

For an example of how data domain segmentation can be used, see Data domain segmentation – use case.

Note

  • All available data domains are listed in the Data domains list in the Lists Management module. Each tenant can have up to 250 data domains. When this limit is reached, the Add button in the List items area is disabled. For information about editing lists, see Lists.
  • There is no option to define the order of the items in the data domains list. New list items are always added to the end of the existing list.

Related topics