Hi Community,

I have a custom application in ServiceNow with a custom table that extends Task. Emails received are processed into this table, and ACLs currently allow only users with the 'ABC' role to edit records.

In our business scenario, we also have users with no roles who interact with ServiceNow by sending emails that create records in this custom table. The issue is: when these same users reply to the email, the system correctly identifies the target record using the watermark, but fails to update it because the user has no roles and therefore fails ACL checks.

Use case:

• Email from a user with no roles → record created successfully in custom table.
• Reply from the same user → watermark identifies the record, but update fails due to ACL restrictions.

Question:
What is the recommended way to allow these “no-role” users to update the target record via email replies, without broadly granting them roles? Is there a best practice for handling ACLs in this scenario (e.g., special inbound action logic, custom ACLs, or system user context)?

Thanks in advance for your guidance!