Migrate to service catalog user criteria

Service Catalog enables you to maintain the required access controls to your service catalog while migrating from entitlements to user criteria.

About this task

To maintain the required access controls to your service catalog while migrating from entitlements to user criteria:

Procedure

  1. Navigate to Service Catalog > Catalog Policy > Properties and verify that the user criteria feature is not already enabled on your system.
    • If the property Use "User Criteria" to define access to catalog items and categories (glide.sc.use_user_criteria) is set to true, you can skip the following steps. The user criteria feature is automatically enabled because entitlements were not used in your old system.
    • If this property is set to false, continue with the following steps. The user criteria feature has not been enabled yet on your system.

  2. To preview the user criteria feature, set the service catalog property Enable both "User Criteria" and "Entitlement" related lists for catalog items and categories when migrating from entitlements (glide.sc.user_criteria_migration) to true. This option lets you compare user criteria records and entitlements before you fully switch to user criteria.
  3. Inspect your service catalog items and categories to identify access control sets that you can configure user criteria records for. Review your current entitlements and record your current design for access controls. Focus on identifying patterns where multiple items have the same combination of location, group, and so on. Each combination is a possible access control set.
  4. Create a user criteria record for each access control set that you identified from your inspection of the service catalog.
    You have a step with a list, note, and image.
  5. Apply these user criteria records to the items and categories identified, replacing the equivalent entitlements.
  6. Enable user criteria on your system by setting the service catalog property Use "User Criteria" to define access to catalog items and categories (glide.sc.use_user_criteria) to true. When this property is set to true, any remaining entitlements are no longer used.
    Note: Scripts in user criteria cannot reference the category or catalog item as current as entitlement scripts do. For scripts in user criteria, use the user_id available for the user currently being evaluated against the category or catalog item.