Table ACL vs Field ACL

Lisa71
Tera Contributor

3 weeks ago

If a table ACL allows everyone to access the table, but there is also a field ACL on a specific field that allows only the admin role, which one takes precedence?
In this case, will everyone be able to access the field because the table ACL is open to all users, or will only admin users be able to access the field due to the field ACL restriction?
0 Helpfuls
  • 711 Views
14 REPLIES 14

Tejas Adhalrao
Tera Guru

3 weeks ago

hi @Lisa71  ,

Table ACL: allows all users

Field ACL (for that field): allows only admin

 

Result: Only admin users will be able to access that field.
Other users can still see the record (because of the table ACL), but the restricted field will be blank or hidden for them.

 

meaning the field ACL overrides the table ACL for that field.

 

 

 If you found my solution helpful, please mark it as Helpful or Accepted Solution...!

thanks,

tejas

Email: adhalraotejas1018@gmail.com

LinkedIn: https://www.linkedin.com/in/tejas1018

 

 

0 Helpfuls

Ankur Bawiskar
Tera Patron

3 weeks ago

@Lisa71 

Output -> only admins can read/write that field as there is a field level READ/WRITE ACL

Others -> Can only see if Table.None READ IS Passed, Even if Table.None WRITE is passed, non-admin can't edit

see this for reference

AnkurBawiskar_0-1768809527569.png

 

Understanding Table-First Access Control Evaluation in ACLs 

Evaluating Row level and Field level ACLs 

Security setup: ACL evaluation order – Best Practice 

💡 If my response helped, please mark it as correct and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Ankur Bawiskar
Tera Patron
In response to Ankur Bawiskar

3 weeks ago

@Lisa71 

Hope you are doing good.

Did my reply answer your question?

💡 If my response helped, please mark it as correct and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Lisa71
Tera Contributor
In response to Ankur Bawiskar

3 weeks ago

Thank you. If there's "tablename.*"  acl (*means all fields) allows everyone to access all the fields, plus the table ACL to allow everyone, and field acl to allow only admin to access field A, will the field A be accessible to everyone or only admin? Per my testing, everyone can access field A, so I'm confused now. 

0 Helpfuls

Tejas Adhalrao
Tera Guru

3 weeks ago

Hi @Lisa71  ,

 

In ServiceNow, the Field ACL restriction will take precedence. Even if the Table ACL allows everyone, a specific Field ACL acts as a second "lock." Only Admin users will be able to see or edit that field.

 

 

 If you found my solution helpful, please mark it as Helpful or Accepted Solution...!

thanks,

tejas

Email: adhalraotejas1018@gmail.com

LinkedIn: https://www.linkedin.com/in/tejas1018

 

0 Helpfuls