Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Widget - SnRecordePicker Role Issue

sanjaySSK
Tera Contributor

‎09-28-2025 10:33 PM

Hi,

I am working on a custom application. I have a widget where I am using SnRecordPicker to show the list of users based on some filters. As an Admin, I am able to see the users in the field. But when an ITIL User is trying to access the field they are not able to see any users (Just showing 'Searching').

When I checked the network Console I am getting below error-

{
"error": {
"message": "Insufficient rights to query records",
"detail": "Field(s) present in the query do not have permission to be read"
},
"status": "failure"
}

After some research I got to know this is happening because of the system property "glide.export.query.enforce_field_acl".

Can you please suggest some other way to achieve it, because as I am working in Custom application so I cannot make any changes to the OOB ACLs and System Property. I need some alternate way to get the users in the field.

Thanks in Advance!

Preview file
12 KB
Preview file
11 KB
0 Helpfuls
  • 546 Views
5 REPLIES 5

Ankur Bawiskar
Tera Patron
Tera Patron

‎09-28-2025 10:59 PM

@sanjaySSK 

seems that itil user is not getting satisfied some field level READ ACL on sys_user table.

Also issue could be due to query_range ACL

 

AnkurBawiskar_0-1759125350341.png

 

see this link

Reference variable not visible in Portal for non-admin user but visible in classic view 

Did you try creating Table.None query_range ACL?

see this article

Ways to analyze and fix the query_range issue in portals using Access Analyzer 

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

Ankur Bawiskar
Tera Patron
Tera Patron
In response to Ankur Bawiskar

‎09-29-2025 09:20 PM

@sanjaySSK 

Hope you are doing good.

Did my reply answer your question?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls

sanjaySSK
Tera Contributor
In response to Ankur Bawiskar

‎09-29-2025 09:36 PM

Hi Ankur,

Thank you for the answer. I did go through the links provided by you.
But the issue is I am working on Custom Apps so I cant create/modify anything in Global Scope. 
Like query range ACL Creation in sys_user table OR disabling the system property.

Is there any way which I can use instead of snrecordpicker  which should not check for the access and get the user records.

0 Helpfuls

sanjaySSK
Tera Contributor

‎10-13-2025 01:40 AM

@Ankur Bawiskar 

Can you please suggest something, in my problem scenario?

0 Helpfuls