How do I restrict users to only see records assigned to Assignment groups they are members of?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2023 01:01 AM
Hi,
how do I restrict users to only see records (incidents, xxTasks, problems, changes ) assigned to Assignment groups they are members of and caller to? I have created a specific role since the restriction should not apply to users with the role itil.
Why we would like to have this restriction is that we have supportgroups out in the business that should not be able to see and work with all incidents, SCTasks, problems and so on.
I am thinking maybe BR or ACL?
New to Servicenow and developing so any help would be highly appreciated, thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2023 01:21 AM
Hi @Malin1 ,
Please see the KB article from 2022 which describes the answer to your question: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0748356
If my answer has helped with your question, please mark my answer as accepted solution and give a thumb up.
best regards
Anders
If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.
Best regards
Anders
Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2023 01:28 AM
Hi @Malin1 ,
You can write a BR on the particu;ar table, with condition
Condition: gs.getUser().isMemberOf("YourGroupNameHere")
Steps to Perform
- Create a Before -Query Business rule on 'Incident' table
- In the Advanced tab, set the condition as:
!gs.getUser().isMemberOf('<group name to be restricted for other users>')
- In the script field, update sys_id of the group to be restricted
(function executeRule(current, previous /*null when async*/ ) {
var grp = current.addNullQuery('assignment_group').addOrCondition('assignment_group','!=','<sys_id of the group to be restricted for other users>');
})(current, previous);
This Before-Query Business rules restrict the incidents assigned to the specific group visible only to those group members
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2023 01:32 AM
Hi,
thank you for your quick response and guidance. I have managed to create this BR and it works. But is it possible to make the BR to apply to all Assignment groups the user is member of and not just one?
Thanks!

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-06-2023 01:39 AM