The CreatorCon Call for Content is officially open! Get started here.

Guidance on Allowing External Logged-In Users to Submit Incidents

RohitPapann
Tera Contributor

Hi Community,

I am working on a small project in my ServiceNow developer instance, and here are the steps I’ve completed so far:

  • Raise a Lead – A customer shows interest in the product/service.

  • Generate a Quote – Sending them a price estimate.

  • Complete an Order – Customer accepts the quote and places the order.

  • Customer Portal – Customer can track orders or raise issues.

  • Incident Management – Customers can raise incidents if there’s a problem with the order.

Now I want to extend this by exposing the Incident table, but only for logged-in external users.

Requirement:

  • Instead of making the incident form public (open to anyone without credentials), I want only authenticated external users to be able to:

    • Authenticate (login)Submit an Incident via the portal.

👉 Can you please guide me on the correct approach to achieve this?

  • Should I configure CSM external users/roles?

  • Are there specific ACLs or portal configurations needed?

  • What’s the best practice to allow authenticated external users to create incidents securely?

Any step-by-step guidance or references would be really helpful.

Thanks in advance!

1 ACCEPTED SOLUTION

YaswanthKurre
Tera Guru

Hi @RohitPapann ,

 

Please follow the below steps:

 

  • Create a Record Producer for the Incident table.

  • Set the Record Producer to be available only to snc_external role.

  • Add the Record Producer to your Service Portal page.

  • Impersonate as snc_external  user and ensure only authenticated users with the snc_external role can access the Record Producer not public users.

  • No need to expose the Incident table directly, as the Record Producer handles incident creation securely for authenticated external users.

 

The Explicit Roles (com.glide.explicit_roles) plugin provides the snc_external and snc_internal roles and this should be already installed to you as you are using CSM.

 

 

Please mark this as helpful and correct if this answers your question.

 

Thanks,

Yaswanth.

 

 

 

View solution in original post

1 REPLY 1

YaswanthKurre
Tera Guru

Hi @RohitPapann ,

 

Please follow the below steps:

 

  • Create a Record Producer for the Incident table.

  • Set the Record Producer to be available only to snc_external role.

  • Add the Record Producer to your Service Portal page.

  • Impersonate as snc_external  user and ensure only authenticated users with the snc_external role can access the Record Producer not public users.

  • No need to expose the Incident table directly, as the Record Producer handles incident creation securely for authenticated external users.

 

The Explicit Roles (com.glide.explicit_roles) plugin provides the snc_external and snc_internal roles and this should be already installed to you as you are using CSM.

 

 

Please mark this as helpful and correct if this answers your question.

 

Thanks,

Yaswanth.