Can some approve/reject by replying to servicenow without the user record in sys user

Johnson13 · 3 weeks ago

Tanushree Maiti · 3 weeks ago

No, a user typically cannot approve or reject a ServiceNow request via email if they do not exist in the sys_user table. ServiceNow’s inbound email actions rely on matching the sender’s email address to a valid sys_user record in order to validate the approver.

Please mark this response as Helpful & Accept it as solution if it assisted you with your question.
Regards
Tanushree Maiti
ServiceNow Technical Architect
Linkedin:

SohamTipnis · 3 weeks ago

Hi @Johnson13,

Nope, this sounds pretty easy, but it doesn't work like that. One of ServiceNow's aims is to protect the data and provide good security. So not anyone can just approve/reject any request.

If you find my answer useful, please mark it as Helpful and Correct. ‌‌‌‌‌‌‌😊

Regards,
Soham Tipnis
ServiceNow Developer || Technical Consultant
LinkedIn: www.linkedin.com/in/sohamtipnis10

AndersBGS · 3 weeks ago

Hi @Johnson13 ,

no, an approver is a defined user in the sys_user table, hence if user is unknown, then it will not be possible.

If my answer has helped with your question, please mark my answer as the accepted solution and give a thumbs up.

Best regards
Anders

Rising star 2024
MVP 2025
linkedIn: https://www.linkedin.com/in/andersskovbjerg/

Johnson13 · 3 weeks ago

There is a resource that says I can

Requirement Best Choice

Email reply approves	✅ Stub sys_user
No ServiceNow login	✅ Locked account
Audit friendly	✅ Stub sys_user
External vendors	✅ Token links
Safe for Prod	✅ Yes

How it works

The external person does exist in sys_user
But they are:
- 🔒 Locked
- 🚫 Have no login access
- 📧 Email-only user

ServiceNow treats them as valid approvers, but they cannot sign in.

Typical setup

Username = email
locked_out = true
No roles
No password
Source = “External Approver”

✅ Email approvals work
✅ Tokens work
✅ Auditable
✅ Upgrade-safe