ACL

Go to solution
BiswaRanjanRout
Giga Expert

Wednesday

How does ServiceNow evaluate access when both table level and field level ACLs are defined and what happens if a user passes one ACL but fails the other?

0 Helpfuls
  • 326 Views
1 ACCEPTED SOLUTION

Go to solution
Dr Atul G- LNG
Tera Patron

Wednesday

Adding one more

 

https://www.servicenow.com/community/grc-forum/order-of-execution-of-an-acl/m-p/1311960

 

DrAtulGLNG_0-1767798277058.png

https://www.servicenow.com/docs/bundle/zurich-platform-security/page/administer/contextual-security/...

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/dratulgrover [ Connect for 1-1 Session]

****************************************************************************************************************

View solution in original post

8 REPLIES 8

Go to solution
Ankur Bawiskar
Tera Patron
In response to Ankur Bawiskar

yesterday

@BiswaRanjanRout 

As per new community feature you can mark multiple responses as correct.

💡 If my response helped, please mark it as correct as well so that this helps future readers find the solution faster! 🙏

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

Go to solution
adityahubli
Tera Guru

Wednesday

Hello @BiswaRanjanRout ,

 

In ServiceNow, table-level ACLs act as the entry point for data access. Once table access is granted, field-level ACLs determine which specific fields are accessible. Without table-level permission, field-level access is not possible.

  • If the table-level ACL fails, access is denied immediately, field-level ACLs are not evaluated, and the user cannot access any record or field on that table—no table access means no field access.
  • If the table-level ACL passes but the field-level ACL fails, the user can access the record, but access to the specific field is denied, and the field may be hidden, read-only, or blocked depending on the operation.
  • If both the table-level ACL and the field-level ACL pass, the user has full access to the record and the field.

You can also Refer this article :

https://www.servicenow.com/community/servicenow-ai-platform-articles/security-setup-acl-evaluation-o... 

 

 

If this helps you then mark it as helpful and accept as solution.

Regards,

Aditya,

Technical Consultant

Go to solution
adityahubli
Tera Guru
In response to adityahubli

yesterday

Hello @BiswaRanjanRout ,

If this response helps you  then mark it as helpful and accept as solution.

 

Regards,

Aditya,

Technical Consultant

0 Helpfuls

Go to solution
Anurag Tripathi
Mega Patron

Wednesday

Yes, Both levels are evaluated and user has to pass each level to get the access.

If there are more than 1 ACL on any level, then user needs to pass just one of them. EG, if there are 5 ACLS on Table level, then user needs to pass just one of them.

-Anurag