- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-20-2018 10:21 AM
We have an EXTERNAL business partner (vendor) who we are considering granting very limited access to our instance (specifically to incident management), so they can enter and update incidents reported to them by our company's employees.
Limited functionality would include:
-Logging into the Fulfiller UI only; no access to the Service Portal
-Viewing/using the Incident and Service Desk applications; not the Service Portal
-Once logged into the Fulfiller UI, they should just be able to see incidents where they were the creator, they have been listed on the Watch/Work lists OR assigned to their assignment group.
What are the best practices around allowing very limited access to the fulfiller UI for EXTERNAL users?
Based on feedback received from the ServiceNow platform team, I completed the following steps:
1.) Created a new role named 'avb_external_network_vendor'
2.) Created a new group named ' External Network Vendor'
3.) Created a new user named 'External Users' to the group
4.) Assigned the role to the Incident and Service Desk applications
5.) Created an incident query named 'incident query_external_network_vendor'
6.) Impersonated the external user and verified that the applications displayed as expected. I discovered the Service Portal was visible because it is not restricted by role (visible to all fulfillers). I understand that I can control the visibility of the Service Portal application by role but I'd prefer to use an alternative method (script, business rule, etc.) to hide the application option for this "one-off" business need rather than constantly having to update the access to the application menu option each time we add a new "internal use" role for a scoped application, etc. (which occurs quite frequently). Has anyone else come up with a creative way to hide the Service Portal application in the fulfiller UI and/or limit access to ALL Service Portal widgets, catalog items, etc. based on role or group?
Overall approach as it relates to setting up an external user, am I on the right track? Is there a better way to accomplish this task?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-20-2018 10:25 AM
Why you don't use User Crteria ?
https://docs.servicenow.com/bundle/jakarta-servicenow-platform/page/build/service-portal/task/create-user-criteria-record.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-20-2018 10:25 AM
Why you don't use User Crteria ?
https://docs.servicenow.com/bundle/jakarta-servicenow-platform/page/build/service-portal/task/create-user-criteria-record.html
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-26-2018 01:47 PM
Hi Mike,
Thank you for responding. Would I have to set the user criteria for each page or widget? I am hopeful that I can limit access based on the highest level page versus each item. If it isn't already apparent, I do not have much experience with administering the Service Portal.However, I am doing my best to learn. Our service portal was set up by an experienced developer who is no longer with our organization. Would you be able to provide me a little more direction? I can't even locate the related lists to specify Who Can View or Who Cannot View.
Thanks,
Cyndi
