Share via

Grant table access to an account in ServiceNow

This article explains how to grant table access to a service account in ServiceNow. The process involves creating a role, assigning it to a user, and configuring row-level and field-level access controls.

Prerequisites

  • Admin access in ServiceNow.
  • Elevate to the security_admin role to make changes to Access Control Lists (ACLs).

Create a user

To create a user:

  1. Go to User Administration > Users.
  2. Select New to create a new user.
  3. Fill in the user details, such as microsoft.copilot for the User ID and Microsoft and Copilot for the First Name and Last Name. The User ID is required for successful crawls.
  4. Select Submit to save the user.

Create a role

To create a role:

  1. Go to User Administration > Roles.
  2. Select New.
  3. Enter a unique name for the role (for example, Copilot connector account).
  4. Select Submit to save the role.

Assign the role to a user

To assign the role to a user:

  1. Go to User Administration > Users.
  2. Open the user record for the intended user (for example, Microsoft Copilot).
  3. In the Roles related list, select Edit.
  4. Add the newly created role (Microsoft 365 Copilot Connector Account).
  5. Select Save to finalize the assignment.
  6. Select Update to update the user record.

Grant row-level access

To grant access to rows within a specific table, follow these steps:

  1. Elevate to the security_admin role.
  2. Go to System Security > Access Control (ACL).
  3. Select New to create a new ACL record.
  4. Fill in the following fields:
    • Type: Select record.
    • Operation: Choose the read operation.
    • Name: Enter the table name (for example, sys_dictionary).
  5. In the Roles section, add the previously created role (Copilot Connector Account).
  6. Select Submit to save the ACL.

Verification

  1. Impersonate the user (for example, Microsoft Copilot).
  2. Access the target table (for example, sys_dictionary) and confirm that rows are visible.

If the user can view the rows, but the field values aren't visible, you need to grant field-level access.

Grant field-level access

If the user can view rows but not field values, configure field-level access:

  1. Go to System Security > Access Control (ACL).
  2. Select New to create a new ACL record.
  3. Fill in these fields:
    • Type: Select record.
    • Operation: Choose the read operation.
    • Name: Enter the table name (for example, sys_dictionary) and use * in the field name to apply to all fields.
  4. In the Roles section, add the previously created role (Copilot Connector Account).
  5. Select Submit to save the ACL.

Final verification

To verify access to the table:

  1. Impersonate the user (for example, Microsoft Copilot).
  2. Confirm that both rows and field values within the target table are now visible.

You successfully granted table access to a service account in ServiceNow.

  • Last updated on