
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-02-2025 02:50 AM
"Work notes on incident forms where the assignment group is 'Desktop support' should be visible only to members of the 'Desktop support' group."
Can we restrict Create and Read access of Incidents to only 'Desktop support' group members?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-02-2025 03:11 AM
Hi @Community Alums
Create one "Deny-Unless" READ type ACL to meet your requirement. This single ACL would be enough to restrict the users(Not part of the group) from creating/reading the work notes. PFB.
Hope this helps.
Regards,
Siva

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-02-2025 03:21 AM
Not working
We have 2 OOB Read ACL on incident for sn_incident_write and sn_incident_read roles.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-02-2025 03:30 AM
@Community Alums
you already have field level READ AND WRITE on work_notes?
Are those OOB or custom ones?
You can use Deny unless ACL shared by @J Siva
OR
you can use onLoad client script + Display business rule to check group membership and then hide
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-02-2025 03:10 AM
Yes @Community Alums You can just create a read ACL on "worknotes" fields and group as group in the incident record - but read ACLs on worknotes field will also grant access. So measure that as well.
OR
If you only want to show it to one group members, Then choose the Type of ACL as "Deny Unless" and then mention this group.
Kindly mark my answer as helpful and accept solution if it helped you in anyway. This will help me be recognized for the efforts and also move this questions from unsolved to solved bucket.
Regards,
Shivalika
My LinkedIn - https://www.linkedin.com/in/shivalika-gupta-540346194
My youtube - https://youtube.com/playlist?list=PLsHuNzTdkE5Cn4PyS7HdV0Vg8JsfdgQlA&si=0WynLcOwNeEISQCY
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-02-2025 03:11 AM
Hi @Community Alums
Create one "Deny-Unless" READ type ACL to meet your requirement. This single ACL would be enough to restrict the users(Not part of the group) from creating/reading the work notes. PFB.
Hope this helps.
Regards,
Siva

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎04-02-2025 03:20 AM
Not working.
We have 2 Read ACL on incident for sn_incident_write and sn_incident_read roles.
I tried by deactivating those ACL, Still not working.
Any other solution?