Configuring for non-admin user

If you have decided to not use a read-only admin user to configure your ServiceNow instance, you will need to ensure that Quality Clouds has access to all the code and configuration tables required by setting up individual Access Control Lists on them. You can do so manually, working from the list of tables provided on this list, which is quite time consuming.

Or you can apply an Update Set provided by Quality Clouds. This Update Set will make the following changes in your instance:

  1. Create the qc_access role
  2. Assign the following roles to the qc_access role
    1. business_rule_admin
    2. catalog_admin
    3. client_script_admin
    4. data_policy_admin
    5. form_admin
    6. import_admin
    7. personalize_styles
    8. script_include_admin
    9. sn_change_write
    10. sp_admin
    11. ui_action_admin
    12. ui_policy_admin
    13. ui_script_admin
    14. web_service_admin
    15. workflow_admin
  3. Create read-only ACLs for the qc_access role to those tables which have ACLs restricting access to admin only, which are:
    1. sys_app_cateogry
    2. sys_dictionary_override
    3. sys_data_policy2
    4. sys_script_email
    5. sys_script_pattern
    6. sysevent_script_action
    7. syslog_transaction
    8. wf_workflow_version


Please consider that if you have ACLs in place which could conflict with the ones included in these Update Sets, you will need to resolve these conflicts manually.

Download version and later


Note: This is the first version of the update set which uses sub-admin roles, rather than ACLs for all tables. 

After the update set has been applied, you will need to manually create the user which Quality Clouds will use to connect to your instance and assign the qc_access role to that user. The snc_read_only role should also be assigned, to ensure that the access is read-only.

Be aware that incremental Update Sets will be published as Quality Clouds expands the functionality and required access to additional tables.

You can now proceed to step 3. Configure the user

Update Sets for Operational Scans

The below update sets are required to enable access to the data fields which are used to monitor the operational behaviour of a productive ServiceNow instance. They are only required if the Quality Clouds Operational Scans product (aka admin bot) has been purchased. The update set for operational scans requires the base update set to be installed before it is applied.

This update set grants read only access to the following tables:

  • cmn_department
  • sys_user - only to the fields user_name, active, last_login
  • sys_user_role - via the role usage_admin
  • sys_user_has_role
Quality Clouds Release VersionRelease DateFull Configuration Update SetIncremental Update Set (from previous release) 29th, 2020N/A

See it in a video