Need to Mask/ encrypt the field values for some user roles
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Cant you lock down the fields with read ACL's on the specific fields?
If you set up those with a "required" role then only users with the given role is able to read the data in the fields while the fields are not available for users without the given role.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
you can use field level READ ACL to restrict the data.
Another better option is to use column level encryption which is free
Encrypting attachments using "Column Level Encryption"
💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hope you are doing good.
Did my reply answer your question?
💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Here standard security methods like Read ACLs typically hide the entire field or its value, not replace it with asterisks on user roles.
To show end users (on user role) see only masked /asterisks in specific String and Date,
- Create a Display Business Rule: The Business Rule runs on the server before the form is displayed, storing the original date/string value in a scratchpad variable for later use by the Client Script if the user has the appropriate role.
- Create an onLoad Client Script: The Client Script runs on the client (browser) after the form loads, checking the user's role and the scratchpad value to determine whether to display asterisks or the real date/string.
