Does anyone know if it's possible to expose a reference field variable on a public Service Portal page?

Angelo Surian · ‎07-09-2020

Hi everyone! Been pouring over community content and can't seem to find the answer to this. Before I go any further, does anyone know if it's possible to expose a reference field variable to unauthenticated users on a public Service Portal page?

Any guidance/solution would be appreciated. Thx.

Angelo Surian · ‎07-13-2020

Ok so this thorn in my side has finally been removed. I hope that this helps others looking for a similar solution. Please mark as Helpful if it does.

Here are the requirements for exposing a service portal page with a record producer/catalog item with reference variables to unauthenticated users:

1) All Service Portal pages for the SP Portal you wish to expose must be set to Public = true

2) Any widgets that are part of this portal must be set to Public = true

3) The record producer / catalog item must have the "public" role added to Roles

4) All variables that are part of the record producer/catalog item must have "public" added to Read roles, Create roles, and Write roles permissions.

5) And for the most important one, if you wish to expose reference field variables, you will need to add a processor execute ACL called "SPListDataProcessor" There is already an OOB ACL for this that SP leverages but you can leave that one alone. Just add a new one with no required roles and nothing in the script field like this.

View solution in original post

Abinash · ‎03-25-2021

Hi angelo, I think the issue seems to happen if the table am referring to in the varible is again a reference field. So the scenario is i have a custom table to which the variable is reffering and then in that custom field the field which is present is again reffering to cmdb business application table. So this is my scenario and i want to see that value..can you think of something..i even modified all the acls and gave public role for read operations to business apllication table

Angelo Surian · ‎03-25-2021

Maybe provide an image of your variable configuration for what you're detailing.

Steve Vong1 · ‎05-08-2022

Thank you so much, Angelo...would not have been able to get this to work otherwise.

Just one additional note: With Explicit Roles enabled, the system won't let you create an ACL without a role attached; it will keep trying to tack on "snc_internal". The workaround for us was to remove "snc_internal" and add in role "public" in its place.

Arunava1 · ‎04-22-2023

Thanks for this !!.. but not sure if ServiceNow allowed you to create the ACL without a role back in 2020. Now a days it does not allow so. However I got into the same situation and create a ACL for SPListDataProcessor with "public" role and it worked. BTW, for the audience who still gets into this situation, don't forget to add ACLs to your tables with "public" roles and make everything related to the record producer as public. Also, It is required to make the original SPListDataProcessor as Inactive.

maheshn · ‎07-15-2020

Hi,

Go to sys_public.LIST and create entry for user table.

But exposing user data to unauthenticated user is risky