Service Catalog security Service Catalog enables you to set the security for catalog with user criteria. Set security for items and categoriesAn administrator can control access to content in the service catalog by creating and applying user criteria records. Apply permissions to a service catalog variableAdd permissions to a variable by specifying the roles that can perform read, write, or create actions on the variable. If a role is specified for the read, write, or create actions, only users with the specified roles can perform these actions. If no role is specified for the read, write, or create actions, all users who can access the catalog item can perform these actions irrespective of their role. For example, if no role is specified for the Write roles field, all users who can access the catalog item can edit the variable value in the variable editor. A user with a role that does not match any of the following roles cannot set variable values even through scripting.Legacy service catalog access controlsService catalog supports several ways to control access to a catalog item or category. These controls are also known as catalog entitlements.