Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • HR Service Delivery
Table of Contents
Choose your release version
    Home Orlando HR Service Delivery HR Service Delivery Case and Knowledge Management HR Administration Manage HR roles

    Manage HR roles

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Manage HR roles

    Roles control access to features and capabilities in modules in the HR application.

    The HR Service Delivery Scoped app prevents users outside of the HR organization from accessing HR data.

    Scoped roles for both HR case workers and HR clients (employees, contractors, alumni, and others) grant access to HR services. Users without an HR scoped role cannot view HR cases or HR profile information.

    Only the HR Administrator [sn_hr_core.admin] can assign scoped HR roles.

    To configure your system, you must log in as a System Administrator [admin]. The HR Administrator [sn_hr_core.admin] role is contained in the System Administrator [admin] role. The combination of these two roles allows a user to perform all tasks associated with configuring your system.

    After system configuration, ensure that only the HR Administrator [sn_hr_core.admin] role has access to sensitive information. Remove the HR Administrator role from System Administrator [admin] role to prevent the System Administrator from viewing sensitive HR information.

    After granting access to a role, all the groups or users assigned to the role also have access. Roles can contain other roles, and grants access to any role that contains it.
    Note: IT System Administrators (admin) and HR scoped users can still impersonate ServiceNow users. When impersonating a user with a scoped HR role, an admin or any HR scoped user cannot access features granted by that role. HR cases and profile information are not accessible. Only users with the scoped HR Administrator [sn_hr_core.admin] can see case details when impersonating other scoped HR users. Also, admin cannot change the password of any user with a scoped HR role. For more information on impersonating a user, see Impersonate a user.
    HR Performance Analytics
    To configure the Performance Analytics (PA) dashboard, assign the Performance Analytics Administrator [pa_admin] role to the HR Administrator [sn_hr_core.admin] role.
    Note: Only the System Administrator [admin] can assign PA roles to employees.
    Role Description
    System Administrator [admin] Also known as admin and IT admin.

    Within the global scope of the application, has access to all system features, functions, and data, regardless of security constraints.

    • Grant users with the delegated developer role [delegated_developer].
    • Build export sets, move content between instances (development to production), and clone instances.
    • Run guided setup or modules to manage:
      • Company-wide objects like user, departments, and locations.
    HR Administrator [sn_hr_core.admin]
    This role can:
    • Assign users any of the HR roles.
    • View and access the HR Service Portal.
    • View, create, and edit HR cases in HR Case Management.
    • Access and create HR tasks inside an HR case using the Add Task related link.
    • View, create, and edit HR profiles including sensitive information like SSN and salary.
    • Create HR profiles and generate for multiple users through custom criteria.
    • Associate any user to HR roles, groups, and skills.
    • View and access HR Administration.
    • View and access HR Dashboards & Reports.
    • Run Application View to manage:
      • HR objects like HR roles and profiles.
      Note: When the Human Resources Scoped App: Core (com.sn_hr_core) and Lifecycle Events (com.sn_hr_lifecycle_events) plugins are active, the Lifecycle Admin (sn_hr_le.admin) role is part of HR Admin (sn_hr_core.admin).
    Delegated Developer [delegated_developer] When added to the HR Administrator role, can:
    • Access, and manage HR objects like HR profile, cases, groups, roles, service catalog objects, and Service Portal.
    • Modify HR application-related objects like skills, Knowledge Base, chat, notifications, surveys, reports, integrations, and SC.
    • Modify application structures like tables, business rules, and client-side validation,
    User with HR role There are specific HR roles that allow users access to specific areas of the system. For example, the HR profile reviewer [sn_hr_core.profile_reader] role can read profiles, but not edit them.
    User without HR role Users without an HR role cannot access HR Service Delivery.
    User with no role Users with no role cannot see any HR information even on HR cases they created or have HR tasks assigned to them.
    After system configuration, to ensure that only HR Administrator has access to sensitive information and prevent the System Administrator from accessing sensitive information:
    • Remove the HR Administrator [sn_hr_core.admin] role from System Administrator [admin].
      • The base system requires a user with the System Administrator role to run scheduled jobs. For details on HR scheduled jobs, see Components installed with Case and Knowledge Management.
      • To ensure the scheduled jobs run, change the user in the Run as field for each scheduled job to a user that has the HR admin role.
        Note: Changing the user allows the scheduled jobs to run, but only a user with the System Admin role can view and run a scheduled job on demand.
      • Change the scope of the application to Human Resources: Core application. For information on changing the scope, see Contextual development edit messages.
      • Reveal the Run as field. For information on revealing hidden fields on a form, see Configuring the form layout.
    • Log out and log back in to ensure that the changes take effect.
      Note: Ensure that you have completed setup before removing the HR Administrator role.
      Minimum number of scoped admins required
      System properties determine the minimum number (default is two) of scoped admins that must be active for an application. For example,
      • sn_hr_ef.min_admin_count = 2
      • You have two users with the sn_hr_core.admin role.
      • If you try to delete one of the users, an error message appears and prevents you from deleting the user.
      To list the properties, enter sys_properties.list in the filter navigator and search for the property to configure.
      The list of system properties and what scoped admin can access:
      Table 1. System Properties
      Property Name Scoped Admin
      sn_hr_core.min_admin_count HR admin [sn_hr_core.admin]
      sn_hr_ef.min_admin_count Employee Document Management admin [sn_hr_ef.admin]
      sn_hr_integrations.min_admin_count HR Integration Admin [sn_hr_integrations.admin]
      sn_hr_le.min_admin_count HR Lifecycle Event Admin [sn_hr_le.admin]
      sn_hr_le_pa.admin_count HR Lifecycle Event Performance Analytics Admin [sn_hr_le_pa.admin]
      sn_hr_pa.min_admin_count HR Performance Analytics Admin [sn_hr_pa.admin]
      sn_hr_pj.min_admin_count HR Parental Journey Admin [sn_hr_le_pj.admin]
      sn_hr_sp.min_admin_count HR Service Portal Admin [sn_hr_sp.admin]
      sn_hr_va.min_admin_count HR Virtual Agent Admin [sn_hr_va.admin]
      sn_templated_snip.min_admin_count Response Template Admin [sn_templated_snip.admin]
      sn_hr_ws.min_admin_count HR Agent Workspace Admin [sn_hr_ws.admin]
    • Remove HR Administrator role from IT System Administrator

      After system configuration, ensure that only the HR Administrator [sn_hr_core.admin] role has access to sensitive information. Remove the HR Administrator role from System Administrator [admin] role to prevent the System Administrator from viewing sensitive HR information.

    • Add Delegated Developer to HR Administrator

      For an HR Administrator [sn_hr_core.admin] to perform some platform duties, the delegated developer role must be added.

    • Manage HR Groups

      HR Groups are a set of users with common job skills.

    • HR skills management

      Your organization can define HR skills to establish the qualifications of HR staff. Skills can be included in the auto-assignment process used to assign HR agents to HR cases and tasks.

    • Add or modify escalation rules

      You can create an escalation process to assign HR cases to HR agents with the appropriate skills.

    • Client roles

      You can control what HR functionality that an employee can access using Client Roles. You can license all employees or provide HR services to users in a specific location or group.

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Manage HR roles

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Manage HR roles

      Roles control access to features and capabilities in modules in the HR application.

      The HR Service Delivery Scoped app prevents users outside of the HR organization from accessing HR data.

      Scoped roles for both HR case workers and HR clients (employees, contractors, alumni, and others) grant access to HR services. Users without an HR scoped role cannot view HR cases or HR profile information.

      Only the HR Administrator [sn_hr_core.admin] can assign scoped HR roles.

      To configure your system, you must log in as a System Administrator [admin]. The HR Administrator [sn_hr_core.admin] role is contained in the System Administrator [admin] role. The combination of these two roles allows a user to perform all tasks associated with configuring your system.

      After system configuration, ensure that only the HR Administrator [sn_hr_core.admin] role has access to sensitive information. Remove the HR Administrator role from System Administrator [admin] role to prevent the System Administrator from viewing sensitive HR information.

      After granting access to a role, all the groups or users assigned to the role also have access. Roles can contain other roles, and grants access to any role that contains it.
      Note: IT System Administrators (admin) and HR scoped users can still impersonate ServiceNow users. When impersonating a user with a scoped HR role, an admin or any HR scoped user cannot access features granted by that role. HR cases and profile information are not accessible. Only users with the scoped HR Administrator [sn_hr_core.admin] can see case details when impersonating other scoped HR users. Also, admin cannot change the password of any user with a scoped HR role. For more information on impersonating a user, see Impersonate a user.
      HR Performance Analytics
      To configure the Performance Analytics (PA) dashboard, assign the Performance Analytics Administrator [pa_admin] role to the HR Administrator [sn_hr_core.admin] role.
      Note: Only the System Administrator [admin] can assign PA roles to employees.
      Role Description
      System Administrator [admin] Also known as admin and IT admin.

      Within the global scope of the application, has access to all system features, functions, and data, regardless of security constraints.

      • Grant users with the delegated developer role [delegated_developer].
      • Build export sets, move content between instances (development to production), and clone instances.
      • Run guided setup or modules to manage:
        • Company-wide objects like user, departments, and locations.
      HR Administrator [sn_hr_core.admin]
      This role can:
      • Assign users any of the HR roles.
      • View and access the HR Service Portal.
      • View, create, and edit HR cases in HR Case Management.
      • Access and create HR tasks inside an HR case using the Add Task related link.
      • View, create, and edit HR profiles including sensitive information like SSN and salary.
      • Create HR profiles and generate for multiple users through custom criteria.
      • Associate any user to HR roles, groups, and skills.
      • View and access HR Administration.
      • View and access HR Dashboards & Reports.
      • Run Application View to manage:
        • HR objects like HR roles and profiles.
        Note: When the Human Resources Scoped App: Core (com.sn_hr_core) and Lifecycle Events (com.sn_hr_lifecycle_events) plugins are active, the Lifecycle Admin (sn_hr_le.admin) role is part of HR Admin (sn_hr_core.admin).
      Delegated Developer [delegated_developer] When added to the HR Administrator role, can:
      • Access, and manage HR objects like HR profile, cases, groups, roles, service catalog objects, and Service Portal.
      • Modify HR application-related objects like skills, Knowledge Base, chat, notifications, surveys, reports, integrations, and SC.
      • Modify application structures like tables, business rules, and client-side validation,
      User with HR role There are specific HR roles that allow users access to specific areas of the system. For example, the HR profile reviewer [sn_hr_core.profile_reader] role can read profiles, but not edit them.
      User without HR role Users without an HR role cannot access HR Service Delivery.
      User with no role Users with no role cannot see any HR information even on HR cases they created or have HR tasks assigned to them.
      After system configuration, to ensure that only HR Administrator has access to sensitive information and prevent the System Administrator from accessing sensitive information:
      • Remove the HR Administrator [sn_hr_core.admin] role from System Administrator [admin].
        • The base system requires a user with the System Administrator role to run scheduled jobs. For details on HR scheduled jobs, see Components installed with Case and Knowledge Management.
        • To ensure the scheduled jobs run, change the user in the Run as field for each scheduled job to a user that has the HR admin role.
          Note: Changing the user allows the scheduled jobs to run, but only a user with the System Admin role can view and run a scheduled job on demand.
        • Change the scope of the application to Human Resources: Core application. For information on changing the scope, see Contextual development edit messages.
        • Reveal the Run as field. For information on revealing hidden fields on a form, see Configuring the form layout.
      • Log out and log back in to ensure that the changes take effect.
        Note: Ensure that you have completed setup before removing the HR Administrator role.
        Minimum number of scoped admins required
        System properties determine the minimum number (default is two) of scoped admins that must be active for an application. For example,
        • sn_hr_ef.min_admin_count = 2
        • You have two users with the sn_hr_core.admin role.
        • If you try to delete one of the users, an error message appears and prevents you from deleting the user.
        To list the properties, enter sys_properties.list in the filter navigator and search for the property to configure.
        The list of system properties and what scoped admin can access:
        Table 1. System Properties
        Property Name Scoped Admin
        sn_hr_core.min_admin_count HR admin [sn_hr_core.admin]
        sn_hr_ef.min_admin_count Employee Document Management admin [sn_hr_ef.admin]
        sn_hr_integrations.min_admin_count HR Integration Admin [sn_hr_integrations.admin]
        sn_hr_le.min_admin_count HR Lifecycle Event Admin [sn_hr_le.admin]
        sn_hr_le_pa.admin_count HR Lifecycle Event Performance Analytics Admin [sn_hr_le_pa.admin]
        sn_hr_pa.min_admin_count HR Performance Analytics Admin [sn_hr_pa.admin]
        sn_hr_pj.min_admin_count HR Parental Journey Admin [sn_hr_le_pj.admin]
        sn_hr_sp.min_admin_count HR Service Portal Admin [sn_hr_sp.admin]
        sn_hr_va.min_admin_count HR Virtual Agent Admin [sn_hr_va.admin]
        sn_templated_snip.min_admin_count Response Template Admin [sn_templated_snip.admin]
        sn_hr_ws.min_admin_count HR Agent Workspace Admin [sn_hr_ws.admin]
      • Remove HR Administrator role from IT System Administrator

        After system configuration, ensure that only the HR Administrator [sn_hr_core.admin] role has access to sensitive information. Remove the HR Administrator role from System Administrator [admin] role to prevent the System Administrator from viewing sensitive HR information.

      • Add Delegated Developer to HR Administrator

        For an HR Administrator [sn_hr_core.admin] to perform some platform duties, the delegated developer role must be added.

      • Manage HR Groups

        HR Groups are a set of users with common job skills.

      • HR skills management

        Your organization can define HR skills to establish the qualifications of HR staff. Skills can be included in the auto-assignment process used to assign HR agents to HR cases and tasks.

      • Add or modify escalation rules

        You can create an escalation process to assign HR cases to HR agents with the appropriate skills.

      • Client roles

        You can control what HR functionality that an employee can access using Client Roles. You can license all employees or provide HR services to users in a specific location or group.

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login