How to make reports visible to users that any not logged in to SNor do not have SN accounts

Kyle Wiley · ‎09-28-2017

I need to be able to make some reports visible to everyone in our organization, whether they are logged into SN or not.

Everyone in our organization has a SN login but not everyone has ever logged in before and I don't want the higher up management employees needing to login to SN first in order to view some of the published reports out there.

I have published several reports that will be used for Incident tracking during a org wide go live we are having and all of the reports are set to be available to everyone with the following roles: public, snc_internal, snc_external.

The reports can be viewed if the user is an internal SN user but they must be currently logged in to SN in whatever browser they open the report page. When I click on the page, I can see the name of the report but it says, "Security constraints preven access to requested page.".

Does that mean I need to edit the ACLs in order for the reports to be seen for the Incident table? If so, what ACL needs to be edited? I have already tried to add the snc_external and the public role to the incident.* read ACL and this didn't fix the issue.

Any ideas?

Chuck Tomasi · ‎09-28-2017

Yes, it can be resolved by opening up read permission to the underlying tables/fields. That's a risk you need to be aware of and accept if you do this. There's a reason for security and authentication. If you choose to bypass it because of a requirement to make it public, you accept those risks.

View solution in original post

Chuck Tomasi · ‎09-28-2017

Hi Kyle,

You are on the right track. Making the report public is different than making the underlying data public. Be VERY careful about this. If I give someone a report of incidents and they get the "security constraints" message because they don't have information to the incident records.

Are you REALLY sure you want to make all that data public w/o credentials? It's a security decision that you'll have to make. If so, then apply the "public" role to the read access ACL accordingly.

Docs: Access control rules

Docs: Contextual security

Kyle Wiley · ‎09-28-2017

I don't necessarily want the data to be public but there reports will only be published for 2 weeks at the most and most of our confidential data in our Incident records are in an encrypted field that can't be seen externally.

I would prefer not to open up the data but I also don't want to force people to login to SN to view the data either. I assume having them login would be the safer approach though to keep the data safe...

Pradeep Sharma · ‎09-28-2017

Hello Kyle,

I agree. The best option will be to create a login account and allow them to view the reports. Public reports can be only shown if there is READ ACL on target table with a public role. More info on ACL's required for the public report is documented here.

http://wiki.servicenow.com/index.php?title=Creating_a_Public_Report#gsc.tab=0

Srikanth Menava · ‎09-28-2017

I do have same question. I created a dashboard and I want to make it visible to all the end users of ServiceNow , I gave read access to the Public role. But I am unable to solve this. Is there a way that this can be resolved. I will appreciate if someone can help me..