Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

How Enforce Security Rule works?

Kohei Tominaga1
Tera Expert

‎06-25-2024 10:34 PM

Hello,

 

I have learned that there are system properties glide.enforce_security_scope.<scope_name> which secure the HR data from accessing by non-HR users.

I have read Docs and KB article but I could not fully understand how it works.

 

Is there anyone who can tell me the details listed below?

- Where do those properties work? sys_attachment, question_answer, and???
- What is the condition for those properties to work. For example, the record on sys_attachment table have no application scope, and its parent record such as HR case does not have application scope. But it seems that glide.enforce_security_scope.sn_hr_core is working.

- Docs is saying that only Global scope ACL is excluded but KB is saying every ACL other that the specific scope is excluded. Which is correct?

- During security debug, it is not working on debug log. I mean even if the access is denied, the log shows Pass. Is this a bug?

  • 725 Views
1 REPLY 1

Andrew G
Tera Expert

‎07-16-2025 01:29 PM

I am also interested.

Could you share the Docs and KB Articles you read?

0 Helpfuls