We've updated the ServiceNow Community Code of Conduct, adding guidelines around AI usage, professionalism, and content violations. Read more

Clarification on “None”, “*”, and “Field” options in ACL form

GollaMadhu
Kilo Contributor

yesterday

Hi All,

I need clarification on the Name field in the ACL form.

What is the exact difference between selecting None, star and a specific field name in the ACL?

When we use star or a specific field, how does it behave differently from None?

Are Conditions evaluated in all three cases (None, star, and specific field)?

How does the system decide which ACL takes precedence if multiple ACLs exist at record level (None), star level, and field level?

Could someone please explain this with a simple example?

0 Helpfuls
  • 95 Views
4 REPLIES 4

CN-L
Tera Contributor

3 hours ago

Hi @GollaMadhu,

 

I found the Super Access Control World: ACL Basics course on ServiceNow University really helpful in explaining ACLs.

GlideFather
Tera Patron
In response to CN-L

2 hours ago

OMG @CN-L the link is awesome, I love this course!!!

_____
100 % GlideFather experience and 0 % generative AI

CN-L
Tera Contributor
In response to GlideFather

2 hours ago

@GlideFather I know right!

0 Helpfuls

GlideFather
Tera Patron

3 hours ago

Hi @GollaMadhu,

 

  • Incident.none
    • manages access to the entire table
  • Incident.short_description
    • manages access to only this field
  • incident.*
    • called wild card
    • manages access to all the fields except of those that have explicitly record (as the short_description) above

Simplification > Incident has 10 fields where exist:

  • incident.short_description
  • incident.description
  • incident.category

The incident.* will manage the remaining 7 fields (10 without short description, description and category).

 

Simplification > Incident has 10 fields where exist:

  • incident.short_description
  • incident.description
  • incident.category
  • incident.subcategory
  • incident.priority

The incident.* manages the remaining 5 fields. Etc.

 

Be careful. If you will create a new field, it will be automatically getting the access rights from the wild card until it has its own explicit records.

 

And what was explained above requires operation types. The most common ones are:

  • read
    • to be able to see that field,
  • create
    • to create new records,
  • write
    • to update existing records,
  • delete
    • to remove records,

Plus, there are some more, such as report viewing or list editing:

Screenshot 2026-02-27 at 14.57.51.png

 

To create or modify ACL you need to elevate role to security_admin, standard admin can usually just view it but not more.

 

ACL can be inherited if a table is extended (e.g. Task > Incident, Task > Problem, ...) or when you create a new table, the basic operations ACLs (CRUD) are automatically created.

 

Let me know if you have more questins or if it makes sense

_____
100 % GlideFather experience and 0 % generative AI

0 Helpfuls