Shamma Negi
Kilo Sage
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
2 hours ago
Hi All,
Today I will cover Why Inbound Email Doesn’t Trigger for External Users and what we can do to resolve this and make it work only for our specified and trusted users.
There are a few intentional design reasons of why ServiceNow doesn't allow running Inbound flows for users not present in sys-user table:
✅ 1. Security and Authentication
ServiceNow only allow authenticated users in the system means users who are present in sys_user table with class as "User". Only they are allowed to trigger actions like creating or updating records to prevent unauthorized data entry.
✅ 2. Spam & Noise Prevention
Processing random emails from unknown addresses could fill the system with unwanted records or create spam tickets.
✅ 3. Consistent User Context
Many workflows rely on the user context (created by/opened by) If the user doesn’t exist in the system, it becomes harder to apply business logic consistently.
🧠 What Happens When a Sender Is External?
Depending on your system configuration:
🔹 Email is Ignored
If no matching user is found, the email may be discarded before trigger flows.
🔹 Inbound Email Action Runs, but with No Assigned User
If the rule allows it, ServiceNow might process it with a fallback user (e.g., guest user), but this does not trigger normal CSM flows. Even if the email is processed the flow doesn't get triggered.
🔹 Manual Intervention Required
Admins have to manually convert or route such emails.
🚀 How to Enable External Email Processing
There are several patterns you can use if you want external addresses to create cases or trigger flows:
Create a common process to handle all the external customers should be present in "customer_contact" table and all the external vendors should be present in OOB vendor contact table.
Then write a flow which will use the below action as first action.
-
Lookup: Try to find
sys_userby email -
If not found → Create Contact record
-
Create Case linked to Contact
In Docs, it is recommended as below:
Important: Inbound email flows use the email sender as the user who initiates the session. If the system doesn't recognize the sender, the inbound email flow runs as the Guest user. Setting the inbound email flow to run as the user who initiates the session ensures that the flow actions are limited by user access controls. If the initiating user needs elevated privileges for some reason, have the inbound email flow call a subflow that runs with the required roles.
This worked for me. Try this out.
Thanks,
Shamma Negi
ServiceNow CTA
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
