OOB ACL on sc_req_item Restricting Read Access for Fulfillers – Need Help

saint
Tera Expert

 

This OOB ACL is restricting my fulfillers from viewing the RITM record under a REQ even when they're the requestors. I'm considering creating a separate ACL for the itil role to override this behavior. Is that the right approach? I prefer not to assign the asset role to my fulfillers at this time.


1 ACCEPTED SOLUTION

RathanK
Kilo Guru

Hello @saint 

 

Try using a script-based ACL at this point.

Try using the condition below, and let me know if this works for you.

 

gs.getUserID() == current.request.requested_for

 

 

If you found my response helpful, please give it a thumbs-up and designate it as solution accepted to support fellow developers and admins.


Regards,
Rathan K


4 REPLIES

BrianProvencher
Giga Guru

I think you have 2 options. You can either create a new ACL for the itil role, as you mentioned. Or you can elevate to security admin and edit the current ACL to include the itil role.

Ankur Bawiskar
Tera Patron

@saint 

There is already an OOTB read ACL on sc_req_item which gives itil, sn_request_write role users access to RITM.

Your fulfillers should have itil role and then they should see the RITM records.


If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

saint
Tera Expert

Hey everyone, thanks for the quick responses! After digging deeper into the system, I found that the OOB ACLs were deactivated to support some past requirements. I'm currently looking into the root cause and will proceed with a solution based on that. Really appreciate your support. I will keep this thread open till next week, and will come back if I have any follow-up questions, or will mark a correct response from above based on the best recommended solution. Thank you once again!
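
Added example, not part of the thread and not ServiceNow's own code: a small off-platform model of how several read ACLs on sc_req_item combine, showing why a deactivated itil ACL denies fulfillers and what the requested_for script ACL from the accepted solution does and does not restore. The ACL records, ids, users and the asset-only rule are constructed assumptions; only roles and scripts are modelled (no conditions, no admin override).

```javascript
// Simplified model of ACL matching for ONE table-level name and operation.
// Assumptions: an ACL passes only if its role check AND its script both pass,
// and access is granted if ANY active ACL with the same name/operation passes.
// Constructed sample records; on an instance they live in sys_security_acl.
const acls = [
  // Stand-in for the OOTB rule for itil / sn_request_write, deactivated.
  { id: 'oob-itil', name: 'sc_req_item', operation: 'read', active: false,
    roles: ['itil', 'sn_request_write'], script: null },
  // Stand-in for the restrictive rule from the question (assumed asset-only).
  { id: 'oob-asset', name: 'sc_req_item', operation: 'read', active: true,
    roles: ['asset'], script: null },
  // Script-based ACL from the accepted solution, with no role requirement.
  { id: 'custom-requested-for', name: 'sc_req_item', operation: 'read', active: true,
    roles: [], script: (user, ritm) => user.id === ritm.request.requested_for },
];

function passes(acl, user, record) {
  // An empty role list means no role is required.
  const roleOk = acl.roles.length === 0 || acl.roles.some(r => user.roles.includes(r));
  const scriptOk = acl.script === null || acl.script(user, record) === true;
  return roleOk && scriptOk;
}

// Returns the decision plus the evidence an admin needs to explain it.
function evaluate(aclList, name, operation, user, record) {
  const matching = aclList.filter(a => a.name === name && a.operation === operation);
  const grantedBy = matching
    .filter(a => a.active && passes(a, user, record)).map(a => a.id);
  // Inactive ACLs that WOULD have granted access point at deactivation as root cause.
  const blockedByInactive = matching
    .filter(a => !a.active && passes(a, user, record)).map(a => a.id);
  return { allowed: grantedBy.length > 0, grantedBy, blockedByInactive };
}

// Constructed test subjects: an itil fulfiller and two RITMs.
const fulfiller = { id: 'u1', roles: ['itil'] };
const ownRitm = { request: { requested_for: 'u1' } };
const otherRitm = { request: { requested_for: 'u2' } };

// Before the custom ACL exists: denied, and the inactive itil ACL is flagged.
console.log(evaluate(acls.slice(0, 2), 'sc_req_item', 'read', fulfiller, ownRitm));
// With the custom ACL: the fulfiller's own RITM becomes readable...
console.log(evaluate(acls, 'sc_req_item', 'read', fulfiller, ownRitm));
// ...but RITMs requested for other users are still denied.
console.log(evaluate(acls, 'sc_req_item', 'read', fulfiller, otherRitm));
```

In this model the script ACL only restores access for the requestor case; fulfiller access to other users' RITMs returns only when a role-based rule for itil is active again.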