ServiceNow Integration Permissions
This page covers the roles and permissions required to configure and use the ServiceNow integration in Qualytics.
Two Permission Layers
Permissions for the ServiceNow integration are split into two layers:
- Qualytics User Role (Admin, Manager, Member) — controls who can manage the integration and perform global actions.
- Team Permission (Editor, Author, Drafter, Viewer, Reporter) — for actions that touch a specific anomaly, the user must also have the right permission on the anomaly's datastore team.
Integration Configuration
Actions that manage the integration itself (connecting, viewing, disconnecting).
| Action | Member | Manager | Admin |
|---|---|---|---|
| View integrations list | |||
| View ServiceNow integration details | |||
| Connect ServiceNow integration | |||
| Disconnect / delete integration | |||
| Search ServiceNow incidents | |||
| Get ServiceNow incident by ID |
Single Integration
Only one ticketing integration can be active at a time. Connecting a ServiceNow integration while Jira is already connected will fail until the existing one is disconnected.
Ticket Operations on Anomalies
Actions that create or manage links between anomalies and ServiceNow incidents. These require both the right user role and the right team permission on the anomaly's datastore.
| Action | Member | Manager | Admin | Team Permission |
|---|---|---|---|---|
| View linked tickets on an anomaly | Reporter | |||
| Create a ServiceNow incident from an anomaly | Reporter | |||
| Link an existing ServiceNow incident to an anomaly | Author | |||
| Remove a link between an anomaly and an incident | Author |
Team Permissions Hierarchy
Team permissions are hierarchical: Editor → Author → Drafter → Viewer → Reporter. Higher-tier permissions automatically include all lower-tier permissions. For example, a user with Editor permission automatically satisfies any action requiring Author, Drafter, Viewer, or Reporter.
See Team Permissions for details.
How Both Layers Work Together
For ticket operations on anomalies, both layers must be satisfied:
- The user must have the required Qualytics user role (e.g., Manager+ to create tickets).
- The user must have the required team permission on the anomaly's datastore (e.g., Reporter to view, Author to link).
Examples:
- A Member with Editor team permission cannot create a ServiceNow incident — Member is blocked at the user-role layer.
- A Manager without team membership in the datastore cannot create incidents for anomalies in that datastore — blocked at the team layer.
- An Admin bypasses team permissions entirely and has full access regardless of team membership.
UI Behavior Without Permission
| Scenario | What the User Sees |
|---|---|
| Member viewing the Integrations page | The page is accessible but the ServiceNow integration cannot be connected, edited, or deleted. |
| Member viewing an anomaly with linked tickets | The linked tickets list is visible (read-only) if they have Reporter permission on the datastore. |
| Member trying to create/link a ticket | The Add button in Linked Tickets is hidden or the action is blocked. |
| Manager without team access to a datastore | Cannot create or link tickets for anomalies in that datastore even with Manager role. |
ServiceNow-Side Permissions
The ServiceNow service account used for the integration must have the following roles:
| Role | Purpose |
|---|---|
itil |
Allows creation and modification of Incident records |
rest_api_explorer (optional) |
Useful for testing/troubleshooting API calls |
See the Introduction for the full list of service account requirements.
Full User Roles Reference
For the complete User Roles matrix across all Qualytics features, see the User Roles page.