- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-17-2025 11:59 PM
Hi Community,
I am working on a small project in my ServiceNow developer instance, and here are the steps I’ve completed so far:
Raise a Lead – A customer shows interest in the product/service.
Generate a Quote – Sending them a price estimate.
Complete an Order – Customer accepts the quote and places the order.
Customer Portal – Customer can track orders or raise issues.
Incident Management – Customers can raise incidents if there’s a problem with the order.
Now I want to extend this by exposing the Incident table, but only for logged-in external users.
Requirement:
Instead of making the incident form public (open to anyone without credentials), I want only authenticated external users to be able to:
Authenticate (login) → Submit an Incident via the portal.
👉 Can you please guide me on the correct approach to achieve this?
Should I configure CSM external users/roles?
Are there specific ACLs or portal configurations needed?
What’s the best practice to allow authenticated external users to create incidents securely?
Any step-by-step guidance or references would be really helpful.
Thanks in advance!
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-18-2025 11:15 PM - edited 09-18-2025 11:16 PM
Hi @RohitPapann ,
Please follow the below steps:
Create a Record Producer for the Incident table.
Set the Record Producer to be available only to snc_external role.
Add the Record Producer to your Service Portal page.
Impersonate as snc_external user and ensure only authenticated users with the snc_external role can access the Record Producer not public users.
- No need to expose the Incident table directly, as the Record Producer handles incident creation securely for authenticated external users.
The Explicit Roles (com.glide.explicit_roles) plugin provides the snc_external and snc_internal roles and this should be already installed to you as you are using CSM.
Please mark this as helpful and correct if this answers your question.
Thanks,
Yaswanth.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-18-2025 11:15 PM - edited 09-18-2025 11:16 PM
Hi @RohitPapann ,
Please follow the below steps:
Create a Record Producer for the Incident table.
Set the Record Producer to be available only to snc_external role.
Add the Record Producer to your Service Portal page.
Impersonate as snc_external user and ensure only authenticated users with the snc_external role can access the Record Producer not public users.
- No need to expose the Incident table directly, as the Record Producer handles incident creation securely for authenticated external users.
The Explicit Roles (com.glide.explicit_roles) plugin provides the snc_external and snc_internal roles and this should be already installed to you as you are using CSM.
Please mark this as helpful and correct if this answers your question.
Thanks,
Yaswanth.
