Used script to pass the ACL
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago
We got the requirement that column b in user table only viewed by Admin. But this field column B will be used to calcalate in portal for end user. How does we handle it?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago - last edited 5 hours ago
Hi @JackieZhang ,
You can handle this requirement in ServiceNow with field-level ACLs + calculated/display values:
Restrict visibility in the user form:
Create a read ACL on sys_user.column_b so only admin role can view it.
This ensures non-admins cannot see the field in forms/lists.
Still use it for portal calculations:
End users don’t need direct access to the field.
Expose the calculated result instead, either by:
A Display Business Rule → populate a new display-only field (e.g. calculated_value) with logic using column_b.
Or a Scripted API / Widget server script → fetch column_b, do the calculation server-side, and return only the result.
This way, admins see Column B, but end users only see the calculated output, never the raw field.
Thanks & Regards,
Muhammad Iftikhar
If my response helped, please mark it as the accepted solution so others can benefit as well.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 hours ago
You means widget server script will pass the acl directly without any other special settings. thank you very much, I will try it
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 hours ago
you can use field level READ ACL on that field and add admin role
If you are using GlideRecord in your portal script then ACL won't impact.
ACLs are only evaluated when you use GlideRecordSecure
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 hours ago
Hi,
You can handle this with ACLs + Script logic:
Restrict column B visibility:
Create a field-level ACL on sys_user.column_b.
Grant read access only to admin role.
This hides it in forms, lists, and API responses for non-admins.
Still use it for calculations in portal:
In your portal widget/script, do not expose column_b directly.
Instead, create a calculated field / GlideAjax / Scripted REST API that fetches the value, runs the calculation server-side, and only returns the derived result to end users.
ex::
// Script Include (callable from portal)
getUserCalc: function(userId) {
var user = new GlideRecord("sys_user");
if (user.get(userId)) {
// use column_b internally
var result = user.column_b * 2; // example calc
return result;
}
return 0;
}
