Issue with Requests placed via Employee Portal (no role user)

terrieb
Tera Guru

We received report from our service desk team that an employee put in a request from the Employee Portal for a new laptop.

 

He used the Service catalog and selected the item and it stated that the order was placed.

However, even though the Request and RITM were created, the Flow did not generate, so the request had no short description or assignment group.

terrieb_0-1719837378482.png

 

In addition, the RITM did the same action and did not create a task

terrieb_1-1719837457924.png

 

This is not a global issue as I tested ordering other items from the portal impersonating the same person and they worked just fine.

This did not affect those catalog items with the old Workflow and when I temporarily replaced this catalog item with the old workflow it worked fine.

 

It also now prompts the requester before placing the order:

 

terrieb_2-1719837565763.png

 

So this is a new issue and we need to find out why this is happening on just selected items using Flow Design.

 

Did the test tickets in our Test instance, which is on Washington DC Release.

The error happened on our Production instance, which until mid-August, is on Vancouver Release.

 

 

Thanks!

 

1 ACCEPTED SOLUTION

Looks like the flow is configured to Run as User who initiated the session. When you run a flow like this, they are restricted by ACLs, so a user with no roles would have no access to do pretty much anything. This also explains why you are getting different results based on what user with different users who have different roles you are testing it with. If your flow needs to execute, regardless of who is causing it to trigger, then you need to change it to Run as System User. Go back to your flow, click the three dots and select Flow Properties like the picture below.

ZachKoch_1-1719840987972.png

Change Run as to System User. This will then run with the elevated privileges it needs to execute.

 

ZachKoch_0-1719840967521.png

 

If this information helped resolve your issue, please remember to mark response correct and thumbs up to help future community members on this information, thanks!

View solution in original post

6 REPLIES 6

Zach Koch
Giga Sage
Giga Sage

The first step would be going to your Catalog Item record and ensuring a flow or workflow is attached to it. You can type Maintain Items in the filter navigator, then search your item. In your item record, go to the Process Engine tab and ensure you have a Flow or Workflow attached like this picture

ZachKoch_0-1719838041653.png

If you do, then submit a request, go to the RITM that was created, scroll to the bottom to the related links, then click the Flow or Workflow context, like this picture

ZachKoch_1-1719838119243.png

You should be able to continue processing the request, and use the contexts to figure out if the process is erroring out, or if something isn't happening the way that you want it to.

 

If this information helped resolve your issue, please remember to mark response correct and thumbs up to help future community members on this information, thanks!

Yes there is a flow design assigned to the catalog item

 

The show workflow is NOT appearing on the RITM however the Flow Context is:

terrieb_2-1719838923396.png

 

When I click on the Flow Context, I get this error:

terrieb_3-1719838986097.png

 

When I open the Context record, there are a bunch of errors, but it appears the main one is this:

terrieb_4-1719839038100.png

 

We have been running into tons of issues "security related" since we upgraded to Vancouver.  Could this be the issue and if so, how can we fix it.

 

Never had this problem with the old Service Portal and old Workflows...

 

It is only on the Request and it just returns this:

terrieb_0-1719838755985.png

Thanks for your help

Yes, the Workflow context is on the Request itself, while the RITM has a flow that is running based on what you're saying.

Go to the flow itself, can you confirm that you have Reporting on for your flow? Go into your flow, click the three dots like in the picture and select Flow Reporting Settings

ZachKoch_0-1719839767256.png

It will bring up a screen that looks like this

ZachKoch_1-1719839806686.png

Click the dropdown and turn it on Full if you do not have it on. Please note, this will only affect newly created flow contexts, and not old ones that ran so you'll need to submit a new REQ to look at the context.

If this information helped resolve your issue, please remember to mark response correct and thumbs up to help future community members on this information, thanks!

Did that action and created a new request.

 

Same errors and then ended impersonation and refreshed the browser.

 

This time when I clicked on the flow context this the error message:

 

terrieb_0-1719840412875.png

 

What "security rules" are preventing this flow to run.

 

This issue is only affecting those using the Employee Portal with no role.  If I impersonate someone with the itil role and do the same action, I get a different error.

 

terrieb_1-1719840563791.png

 

 

Lastly, if someone with the itil role creates the same request using the nav view of the Service Catalog instead - no errors.  

terrieb_2-1719840701059.png

 

The flow kicks off populating all the fields and creating the catalog tasks.

 

So, this has to be linked to just the Employee Center action.