We received report from our service desk team that an employee put in a request from the Employee Portal for a new laptop.
He used the Service catalog and selected the item and it stated that the order was placed.
However, even though the Request and RITM were created, the Flow did not generate, so the request had no short description or assignment group.
In addition, the RITM did the same action and did not create a task
This is not a global issue as I tested ordering other items from the portal impersonating the same person and they worked just fine.
This did not affect those catalog items with the old Workflow and when I temporarily replaced this catalog item with the old workflow it worked fine.
It also now prompts the requester before placing the order:
So this is a new issue and we need to find out why this is happening on just selected items using Flow Design.
Did the test tickets in our Test instance, which is on Washington DC Release.
The error happened on our Production instance, which until mid-August, is on Vancouver Release.
Thanks!
Looks like the flow is configured to Run as User who initiated the session. When you run a flow like this, they are restricted by ACLs, so a user with no roles would have no access to do pretty much anything. This also explains why you are getting different results based on what user with different users who have different roles you are testing it with. If your flow needs to execute, regardless of who is causing it to trigger, then you need to change it to Run as System User. Go back to your flow, click the three dots and select Flow Properties like the picture below.
Change Run as to System User. This will then run with the elevated privileges it needs to execute.
The first step would be going to your Catalog Item record and ensuring a flow or workflow is attached to it. You can type Maintain Items in the filter navigator, then search your item. In your item record, go to the Process Engine tab and ensure you have a Flow or Workflow attached like this picture
If you do, then submit a request, go to the RITM that was created, scroll to the bottom to the related links, then click the Flow or Workflow context, like this picture
You should be able to continue processing the request, and use the contexts to figure out if the process is erroring out, or if something isn't happening the way that you want it to.
Yes there is a flow design assigned to the catalog item
The show workflow is NOT appearing on the RITM however the Flow Context is:
When I click on the Flow Context, I get this error:
When I open the Context record, there are a bunch of errors, but it appears the main one is this:
We have been running into tons of issues "security related" since we upgraded to Vancouver. Could this be the issue and if so, how can we fix it.
Never had this problem with the old Service Portal and old Workflows...
It is only on the Request and it just returns this:
Thanks for your help
Yes, the Workflow context is on the Request itself, while the RITM has a flow that is running based on what you're saying.
Go to the flow itself, can you confirm that you have Reporting on for your flow? Go into your flow, click the three dots like in the picture and select Flow Reporting Settings
It will bring up a screen that looks like this
Click the dropdown and turn it on Full if you do not have it on. Please note, this will only affect newly created flow contexts, and not old ones that ran so you'll need to submit a new REQ to look at the context.
Did that action and created a new request.
Same errors and then ended impersonation and refreshed the browser.
This time when I clicked on the flow context this the error message:
What "security rules" are preventing this flow to run.
This issue is only affecting those using the Employee Portal with no role. If I impersonate someone with the itil role and do the same action, I get a different error.
Lastly, if someone with the itil role creates the same request using the nav view of the Service Catalog instead - no errors.
The flow kicks off populating all the fields and creating the catalog tasks.
So, this has to be linked to just the Employee Center action.
