Can guest user access a public knowledge article without login into SSO authenticated instance?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-14-2017 04:39 AM
Hi Team,
Can a guest user access a public knowledge article or a knowledge base .?
If I try to access the for particular article directly trough URL, it is asking for SSO login?
Any Idea or suggestion will help me a lot.
We are on Helsinki.
Thanks.
- Labels:
-
Knowledge Management
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2017 07:36 AM
David can you help on above mentioned issue
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-09-2017 02:43 PM
"User Criteria seems to be overlooked. One of my restrictions is employees in a specific location, but without being logged in there's no way of determining their location... however, unable to validate this requirements still lets you through. I've even tried adding a role but it still permits public access. (I'm going to play more with this because I have actually hidden one from public view)"
We ran into the same issue, we ended up adding a check in the criteria script ( if (gs.isLoggedIn() ) to verify they were authenticated before permitting access.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-10-2017 12:49 AM
I've actually raised this as a problem record in Hi (PRB806953) - not only is anonymous access somewhat flaky, but non-functional UI actions are also shown, which isn't a good UI experience for guests.
Let's see what happens.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-15-2017 05:52 AM
I'm having the same issue on my personal dev instance: going to the knowledge URL (like https://devxxxx.service-now.com/kb_view.do?sysparm_article=KBxxxxxxx) gives me a "Knowledge record not found" message.
I know those instructions have worked for me before. We must be missing something.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-03-2017 07:02 AM
I got this to work, by doing the following:
- Migrated all of my Knowledge Bases to v3. Yeah, late bloomer.
- Created a group called All Active Employees
- On the sys_users table I added a Business rule named "Add Active Users to All Employee Group". This BR has a Filter Condition of Active is true. (There is probably some redundancy on line 7 && current.active). This checks to see if the current active user is already in the group and if it is not, then it adds the user.
- (function executeRule(current, previous /*null when async*/) {
- var gr_user = new GlideRecord('sys_user_grmember');
- gr_user.addQuery('group','*Enter sys_id of your Group Here*');
- gr_user.addQuery('user',current.sys_id);
- gr_user.query();
- if(!gr_user.next() && current.active)//if record is not there then create new otherwise don't create
- {
- gr_user.user= current.sys_id;
- gr_user.group= '*Enter sys_id of your Group Here*';
- gr_user.insert();
- }
- })(current, previous);
- Created a Scheduled Job named "Remove Inactive Users From the All Active Employees group". This job runs daily and looks to see if there are any inactive users in the group and removes them.
var gr=new GlideRecord('sys_user_grmember');
gr.addQuery('group','*Enter sys_id of your Group Here*');
gr.addQuery('user.active', false);
gr.query();
gr.deleteMultiple();
- On the sys_users table I added a Business rule named "Add Active Users to All Employee Group". This BR has a Filter Condition of Active is true. (There is probably some redundancy on line 7 && current.active). This checks to see if the current active user is already in the group and if it is not, then it adds the user.
- Added 2 User Criteria
- "All Users" with the "All Active Employees" group selected
- "Public" with Advanced checked and this script:
if (gs.getUser().gs.getActive == 'false' )
answer = true ; else
answer = false ;
//gs.log('User is ' + answer);
answer ;
- I have the following read ACLs for the kb_knowledge table --None--
- Allow read for records in kb_knowledge, for users with role public, and if the ACL script returns true, and if the ACL condition (kb_knowledge_base.kb_version=2^ORkb_knowledge_base.kb_version=3^EQ) evaluates to true.
- Script: gs.hasRole("knowledge") || gs.hasRole(current.roles) || current.roles == "public";
- Allow read for records in kb_knowledge, if the ACL script returns true, and if the ACL condition (kb_knowledge_base.kb_version=3^EQ) evaluates to true.
- Script:
// if (gs.getUser().gs.getActive == 'true' )
// answer = true ; else
// answer = false ;
// gs.log('User is ' + answer);
// answer ;
if (current.isNewRecord())
answer = true;
else if (current.isValidRecord())
answer = new KBKnowledge().canRead(current);
else if(!gs.nil(current.sys_id)){
var gr1 = new GlideRecord("kb_knowledge");
gr1.addQuery("sys_id", current.sys_id);
gr1.query();
gr1.next();
answer = new KBKnowledge().canRead(gr1);
}
else
answer = false;
- Script:
- Allow read for records in kb_knowledge, for users with role public, and if the ACL script returns true, and if the ACL condition (kb_knowledge_base.kb_version=2^ORkb_knowledge_base.kb_version=3^EQ) evaluates to true.
Each article you want to be available as public, has to have the public role assigned to it. I know that seems like a lot of work, but this works for me.
