Question About EmailNotificationRedirectionSNC Behavior and sow_email_notification_redirect Property

Tadz
Tera Guru
Tera Guru

Hi all,

 

I'm currently reviewing the out-of-the-box behavior of the Script Include EmailNotificationRedirectionSNC in relation to the sow_email_notification_redirect system property.

According to the documentation, enabling this property should redirect email notification links to Service Operations Workspace (SOW) only for users with the sn_sow_user role. However, I’ve observed that:

  • The getRedirectionURL() method within the Script Include uses gs.hasRole('sn_sow.sow_user'), which evaluates the current session user, not the actual recipient of the notification.
  • When used within a mail script (e.g., via template.print()), this means the redirection logic reflects the role of the person triggering the notification—potentially a system user or admin—not the recipient.
  • In testing, users without the sn_sow_user role still received links redirecting to SOW, which seems to contradict the documented intent.

I'm wondering if this behavior is as designed, possibly assuming that most notification recipients (e.g., ITIL users) inherently have SOW access. Or is this a case where the logic should instead evaluate the recipient’s role directly during email composition?

 

Has anyone else encountered this? Is there an official stance from ServiceNow on whether the recipient role should be considered during link generation? 

 

Thanks in advance!

2 REPLIES 2

SumanthDosapati
Mega Sage
Mega Sage

@Tadz 

When the end user clicks the link, end user will be the current user who initiated the session. So it checks the role for that particular user. Is it not working in that way?

 

Regards,
Sumanth

Hi @SumanthDosapati,

Thanks for your insight. To give a concrete example: say there's an Incident notification triggered when an assignee adds work notes or comments. If that assignee has the sn_sow.sow_user role—but the recipient of the notification does not—then the link generated during email composition reflects the assignee’s roles, due to how gs.hasRole() evaluates in that context.

As a result, the recipient receives a link pointing to SOW, even though they don’t have access—creating a potential mismatch in user experience.