Business application field value is not visible for non admin users

NAYEEMURR · 3 weeks ago

HI ,

in Business application > under availability > I had added one field, and this field and value inside that field is visible to admin but the same when I tried to test by impersonate with non admin user added field is visible to non admin user but inside that field value is not visible for non admin user.

Please help, I can't share screenshot

YaswanthKurre · 3 weeks ago

Hi @NAYEEMURR ,

You need to verify the Read ACLs for the table and specifically for that new field. Check the Field-Level Read ACL:

Navigate to System Security -> Access Control (ACL).
Filter for a type of record and an operation of read.
Look for an ACL whose Name matches the table.field_name (e.g., cmdb_ci_business_app.u_new_field).
If an ACL exists for that specific field, ensure the non-admin user's role (or group, or user) is listed in the Requires role related list or satisfies any Condition or Script in the ACL record.
If no specific field ACL exists, the table-level ACL applies.

Mark this as helpful and correct, if this helps you.

Thanks,

Yaswanth

Me Being Mustaq · 3 weeks ago

Assalamualaikum @NAYEEMURR ,

If the field is visible but its value is not for non-admin users, the issue is almost certainly related to field-level ACLs (Access Control Rules) or read permissions on the underlying table or field.

Field-level ACLs: ServiceNow secures field data using table and field-level ACLs (Access Control Rules). If there’s no “read” ACL for your new field (or for the referenced table, if it’s a reference field) that allows non-admin users, those users will see the field label but not its value. Admins bypass ACLs unless “Admin overrides” is turned off.
Recent Updates: Recent ServiceNow releases have tightened default security by requiring explicit ACLs for dot-walked and reference fields—even if users could view them in older versions

How to Fix:- Before modifying ACL first we need to elevate our role post that we can create and modify ACL

Check Field-Level Read ACLs
- Navigate to System Security > Access Control (ACL).
- Search for your table and the specific field (look for type = “field” and operation = “read”).
- If no ACL exists for that field, add one to allow read access to the necessary user roles or via a custom script.
- Ensure “Requires role” is populated with appropriate roles, OR if you want all authenticated users to see it, leave it blank (less secure).
Check Table-Level Read ACLs
- There must also be a table-level “read” ACL that the user passes. If there’s a restriction here, field ACLs won’t be evaluated.
Reference Fields
- If your field is a reference, also check ACLs on the referenced table—the user needs read access there too.

Example: Granting All Users Read Access

Add a new read ACL for your field, or update the existing one.
For simple access: set “Requires role” to empty, or add roles that should see this data.
For more control: check the “Advanced” box and set the script to answer = true; for broad access, or specify your logic.

Next Steps

Impersonate a user, enable “Debug Security Rules” (System Security > Debug Security Rules), view the record, and see which ACL is blocking access.

Adjust or create the necessary ACL for the field.

You may find below thread helpful:

If it is helpful, please hit the thumbs button please mark the answer as correct based on the impact!!

Kind Regards,

Shaik Mohammed Mustaq

Business application field value is not visible for non admin users

Assalamualaikum @NAYEEMURR ,

If the field is visible but its value is not for non-admin users, the issue is almost certainly related to field-level ACLs (Access Control Rules) or read permissions on the underlying table or field.

Recent Updates: Recent ServiceNow releases have tightened default security by requiring explicit ACLs for dot-walked and reference fields—even if users could view them in older versions

How to Fix:- Before modifying ACL first we need to elevate our role post that we can create and modify ACL

Check Field-Level Read ACLs

Navigate to System Security > Access Control (ACL).

Search for your table and the specific field (look for type = “field” and operation = “read”).

If no ACL exists for that field, add one to allow read access to the necessary user roles or via a custom script.

Ensure “Requires role” is populated with appropriate roles, OR if you want all authenticated users to see it, leave it blank (less secure).

Check Table-Level Read ACLs

There must also be a table-level “read” ACL that the user passes. If there’s a restriction here, field ACLs won’t be evaluated.​

Reference Fields

If your field is a reference, also check ACLs on the referenced table—the user needs read access there too.

Example: Granting All Users Read Access

Add a new read ACL for your field, or update the existing one.

For simple access: set “Requires role” to empty, or add roles that should see this data.

For more control: check the “Advanced” box and set the script to answer = true; for broad access, or specify your logic.

Next Steps

Impersonate a user, enable “Debug Security Rules” (System Security > Debug Security Rules), view the record, and see which ACL is blocking access.

Adjust or create the necessary ACL for the field.

There must also be a table-level “read” ACL that the user passes. If there’s a restriction here, field ACLs won’t be evaluated.