How to Restrict Access to Specific Attachment Records in ServiceNow?

Satyam123 · ‎04-08-2025

Is it possible to restrict access to a particular attachment record in ServiceNow so that only certain users or groups can download or view the attachment? I need a way to enforce permissions for specific attachments that differ from the default record-level access. How can this be achieved?

Sandeep Rajput · ‎04-08-2025

@Satyam123 I am assuming the attachment you are referring to has a unique characteristic (name, file type etc) which differs it from the other attachments. If this is the case then you can modify the existing read ACLs on the sys_attachment table and add checks for this file type. Only users with specific role can access it, others without the role will not see the file in attachment.

Satyam123 · ‎04-10-2025

i am asking about any specific record not on the whole attachment table, suppose i have two document attach and i want to show one doc to any user like it can be between 2 user , 3 and soon

Shivalika · ‎04-08-2025

Hello @Satyam123 ,

You can create an ACL on "sys_attachment" table with all the conditions that you require and add the specific roles.

If a group of users then in script you can add that

answer = gs.getUserID().isMemberOf('group sys_id');

Try it let me know.

Kindly mark my answer as helpful and accept solution if it helped you in anyway. This will help me be recognized for the efforts and also move this questions from unsolved to solved bucket.

Regards,

Shivalika

My LinkedIn - https://www.linkedin.com/in/shivalika-gupta-540346194

My youtube - https://youtube.com/playlist?list=PLsHuNzTdkE5Cn4PyS7HdV0Vg8JsfdgQlA&si=0WynLcOwNeEISQCY

Satyam123 · ‎04-10-2025

i am asking about any specific record, not on the whole attachment table. suppose i have two document attach and i want to show one document to any user, like it can be between 2 user , 3 and soon