What is the difference between Table ACLs and Field ACLs?

Go to solution
kishorchika
Tera Contributor

3 hours ago

What is the difference between Table ACLs and Field ACLs?

0 Helpfuls
  • 65 Views
1 ACCEPTED SOLUTION

Go to solution
Dr Atul G- LNG
Tera Patron
Tera Patron

3 hours ago

Hi @kishorchika 

 

Table ACLs (Access Control Lists)

  • What it controls: Access to entire records in a table.

  • Use case: Determines whether a user can read, write, create, or delete records in a given table.

  • Example: A Table ACL on the Incident table controls whether a user can access any incident records at all.

🔐 Field ACLs

  • What it controls: Access to individual fields within a record.

  • Use case: Even if a user has access to a record (via Table ACL), Field ACLs determine whether they can see or modify specific fields in that record.

  • Example: A Field ACL on the Incident.priority field can restrict users from editing the priority, even if they can view the rest of the incident.

⚙️ How They Work Together

  1. Field ACLs are more specific than Table ACLs.

  2. If both exist, both must grant access. If either denies, access is denied.

  3. ServiceNow checks access in this order:

    • Specific Field ACL

    • Table-level Field ACL (e.g., incident.*)

    • Table ACL

Quick Summary

Type Scope Controls Access To Example
Table ACL Whole table Record-level access (CRUD) Can the user view Incident records?
Field ACL Specific fields Field-level access (Read/Write) Can the user change priority field?
*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

View solution in original post

2 REPLIES 2

Go to solution
Dr Atul G- LNG
Tera Patron
Tera Patron

3 hours ago

Hi @kishorchika 

 

Table ACLs (Access Control Lists)

  • What it controls: Access to entire records in a table.

  • Use case: Determines whether a user can read, write, create, or delete records in a given table.

  • Example: A Table ACL on the Incident table controls whether a user can access any incident records at all.

🔐 Field ACLs

  • What it controls: Access to individual fields within a record.

  • Use case: Even if a user has access to a record (via Table ACL), Field ACLs determine whether they can see or modify specific fields in that record.

  • Example: A Field ACL on the Incident.priority field can restrict users from editing the priority, even if they can view the rest of the incident.

⚙️ How They Work Together

  1. Field ACLs are more specific than Table ACLs.

  2. If both exist, both must grant access. If either denies, access is denied.

  3. ServiceNow checks access in this order:

    • Specific Field ACL

    • Table-level Field ACL (e.g., incident.*)

    • Table ACL

Quick Summary

Type Scope Controls Access To Example
Table ACL Whole table Record-level access (CRUD) Can the user view Incident records?
Field ACL Specific fields Field-level access (Read/Write) Can the user change priority field?
*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************

Go to solution
pranita-24
Tera Guru

3 hours ago

Hi,

Table ACLs control access at the record level — they decide if a user can create, read, write, or delete a record in a table.

Field ACLs go deeper, controlling access to individual fields inside a record. For example, a user may be able to view an incident (Table ACL) but not see the “Caller” field (Field ACL).