RESTRICTING INC RECORD ACCESS TO SPECIFIC INDIVIDUAL(S)

adaptivert · ‎08-29-2023

Hello. I am trying to address a requirement that would restrict access to an INC record visible only to certain individual(s). The Universal Request integration - Incident Management plugin and the process behind it does not meet our straight forward requirement.

However, I encountered the following KBs and wondered if anyone one from the customer that wrote the KAs can help on how they implemented the capability. Thank you in advance.

https://berkeley.service-now.com/kb_view.do?sysparm_article=KB0010928

https://berkeley.service-now.com/kb_view.do?sysparm_article=KB0010927

@Terri Kouba @tangcov

Luiz Lucena · ‎08-29-2023

Hello,

We did that by creating a custom role and ACLs on that role allowing only the teams with our custom role to view incidents assigned to them.

Once we integrated with Universal Request we added another ACL on the URs assigned to same teams.

That should give you an idea where to go.

Regards,

Luiz Lucena

adaptivert · ‎08-29-2023

Hello Luiz. We appreciate your help. The universal request integration is not something that will address our specific requirement. We have a situation that a specific INC record would be restricted to a certain individual(s) not group. Your suggestion is already handled by the OOB universal request integration. Thank you for your support.

adaptivert · ‎08-29-2023

@Terri Kouba . do you have some inputs for this inquiry?

Terri Kouba · ‎09-06-2023

Hi.

We added a custom 'restricted' field to the Incident table to achieve this result.

Once the incident is restricted, the people on the incident can state which groups and/or users can see the incident.

This is particularly useful when there is private and/or secure information on the incident that not everyone should see.

Thanks,

Terri