Quick Tips - ServiceNow development

• Working with views

1. When creating a view, you can assign a role, so that the view is available to selective users with that role
2. View rules can be created to auto select the view based on conditions or roles
3. When creating a view, it can be marked as ‘Hidden’, which allows only admin users to see the view, while remaining hidden from rest of the users for selection

• Avoid using a direct dot walking approach to fetch a field’s value as it brings all the table’s fields values in the memory, rather use getValue() or getDisplayValue() to fetch the value else use the GlideElement API’s toString() after the dot walked field

• The user profiles being used as Service Accounts should be made Web Service user only, to avoid these user profiles to be used for logging into the system

• Login.do (or the back door access) should be available to only a handful of users to not expose the instance for vulnerabilities. All other users should go via SSO and MFA

• When parsing a JSON object, either make sure the key exists (via a validation) or use the latest JS feature of optional chaining to extract the JSON key value, else the absence of the parent key will cause unhandled exception at runtime

• If you have to store some external service account, and you are using system property to store it, use the type as Password2 (which will wrap it with AES encryption) and additionally add roles who all can read or write this property for additional security. In addition, you may mark the ‘Private’ flag true which avoids this property to be moved between instances

Any other quick tips that you can think of right now?
Comment below!