Restricting Non-Admin Users from Accessing Classic UI and Redirecting to Custom Service Portal

TejasN505724351 · 3 weeks ago

Hello ServiceNow Community,

I have built a custom Service Portal and I want to restrict non-admin users from accessing the classic ServiceNow UI.

Problem Statement:

When a non-admin user removes the portal URL suffix and navigates directly to the base instance URL they are able to access the classic ServiceNow UI instead of being restricted or redirected back to the custom portal.

What I have tried so far:

Set glide.login.home system property to the custom portal suffix
Ensured non-admin users have only a custom role without itil or admin
Cleared cache via cache.do

None of the above approaches have successfully prevented non-admin users from accessing the classic UI.

Expected Behavior:

Non-admin users should not be able to access the classic ServiceNow UI under any circumstance. If they attempt to navigate to the base instance URL they should be automatically redirected to the custom portal.

Any guidance, workarounds, or best practices would be greatly appreciated.

Thank you in advance!

Tanushree Maiti · 3 weeks ago

Hi @TejasN505724351

Refer this KB : KB0994806 Restrict ESS or non-role users from navigating to native UI by manipulating the URL

Please Accept the solution if it assisted you with your question & Mark this response as Helpful.
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti

yashkamde · 3 weeks ago

Hello @TejasN505724351 ,

Actually glide.login.home only dictates where a user lands immediately after login. It doesn't actively check the URL if a user manually types in the base instance address later.

ServiceNow uses a Script Include called SPEntryPage to decide where users should go, so you just need to flip on the existing logic.

Steps :

1) Locate SPEntryPage Script Include

2) By default, it checks if a user has no roles. Since you gave your users a custom role, the system thinks they are internal users and allows them into the classic UI.

3) Create System Properties :

a) glide.entry.page.script - Value - new SPEntryPage().getLoginURL()

b) glide.entry.first.render.page.script - Value - new SPEntryPage().getFirstPageURL()

For modifying the redirection logic :

If you want all non-admins (including those with your custom role) to be forced into the portal, you need to tweak the SPEntryPage script.

Copy the SC, Inside the getFirstPageURL function, look for the logic that checks for roles. You’ll want to modify it so that unless gs.hasRole('admin') is true, the portal variable is returned.

If my response helped mark as helpful and accept the solution.

Ankur Bawiskar · 3 weeks ago

@TejasN505724351

you can use UI script approach for this

ServiceNow KB also recommends this

KB0994806 Restrict ESS or non-role users from navigating to native UI by manipulating the URL

Something like this

addLoadEvent(function() {
    if (!g_user.hasRoleExactly('admin') && document.URL.indexOf('.do') != -1) {
        window.location = '/sp'; // give your portal suffix here
    }
});

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader

Ankur Bawiskar · 3 weeks ago

@TejasN505724351

Just a quick follow-up—were you able to review the links above and try the suggested approach?
Please let me know if you need any assistance.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 10x ServiceNow MVP || ✨ ServiceNow Community Leader