- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
7 hours ago
I had to create a new event to be fired by a BR and a flow because the OOB event (i.e., external.authentication.failed) does not exist in the event registry and cannot be selected for the script action.
The BR and the flow on the sysevent table are firing for me (admin) but not for other users (i.e., snc_internal & snc_external). The BR and flow fire an event to be processed by a script action. The BR and flow has no roles assigned to them. The sysevent table ACLs are OOB.
For clarity, "external.authentication.failed" is not found in the event registry and therefore cannot be selected in the script action. Because of that, I have to fire a new event from a BR and a flow. The filter conditions are sysevent.name is external.authentication.failed. If condition is met, then fire the new event which will be processed by a script action.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 hours ago
Your response made me think of renaming the event I created to external.authentication.failed. After I did that the script action executes for all users. THANK YOU!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago
Hi @Runel,
Non-admin users do not have the necessary read ACLs on the sysevent table to evaluate the record that was just created, so the conditions of your rule/flow are never met for them. The entire approach of using a rule on the sysevent table to re-trigger another event is not a recommended practice.
The correct and much simpler solution is to use a Script Action directly. The "Event name" field in a Script Action is a string field; you do not have to select from the dropdown. You can simply manually type external.authentication.failed into that field. The Script Action will then trigger correctly whenever the system generates that event, without needing a registered event or a secondary BR/Flow. This is the intended OOB method for reacting to system-level events that are not in the registry. You should deactivate your BR and Flow and use this direct approach.
Hope this helps!
Thanks & Regards,
Muhammad Iftikhar
If my response helped, please mark it as the accepted solution and helpful so others can benefit as well.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago
The "Event name" is a reference field. It seems the field type was changed during the query_range ACL implementation.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
4 hours ago
Your response made me think of renaming the event I created to external.authentication.failed. After I did that the script action executes for all users. THANK YOU!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago
Did you make sure Flow is Configured to Run as -> System User ?
is the BR condition getting satisfied?
share BR and flow config screenshots.
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
