Impersonating a user

Users with an admin or impersonator role can impersonate as any other user in the instance. This feature is useful for testing when making changes to applications and modules and to ensure proper security access.

There are three important user accounts that come by default with every developer instance:

• admin: The system administrator account with the admin role has access to all applications and modules
• itil: The Service Desk user with access to ITIL applications, such as incident management, problem management, change management, configuration management, service catalog, and so on
• employee: A normal user account with no role or group assigned and access to just the Self-service application

The user account serveradmin that we created is associated with the Server Administrators group and has a servers role granted. Let us try to impersonate as all of these users to see the differences:

To impersonate as a serveradmin user, when logged in as admin, click on the user info menu icon in the top Banner Frame and select the Impersonate User option. It will open up a small modal window titled Impersonate User:

In the Search for user field start typing the name of the user and the auto complete text box will help you select the most relevant user. Select the serveradmin user from the auto complete list and the page will reload and log you in to the instance as a Server Admin user:

At this point, you will have access to only those applications and modules that are accessible by the user you are currently impersonating.

You can repeat the steps to impersonate to log in as the user itil and ess to see how impersonation works and how groups and roles available to a group can affect access to different applications, modules, features, and capabilities in ServiceNow.

Once you are done with your testing, you can login back as Administrator simply by selecting Impersonate user in the User menu and selecting the System Administrator account.