- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2025 12:06 PM - edited 07-05-2025 12:17 PM
Hi everyone,
User did not submit request to remove their Process User access, but their access disappear? I want to check why they lost their access without submitting any request to remove it, Can anyone tell how can I check it?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2025 12:15 PM
If I understood correctly you would like to investigate who removed the access the user? if some one or system deleted the roles assigned to user, it will go to deleted records.
1. Navigate to deleted records.
2. Then search for table name sys_user_has_role and Payload contains "your process user name"
3. Payload will show you when and who removed the user role
If my response solves your query, please marked helpful by selecting Accept as Solution and Helpful
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2025 01:59 PM
@Nandini Gupta OK, I replicated it.
- Go to the user record,
- copy their sys ID,
- then go to [sys_audit_delete],
- search the Payload field with *contains* that sys ID,
- then you can track who and when it removed.
This scenario was done that I created a dummy user, dummy group with ITIL role, I added the suer in the group and then I removed it, so they were granted and revoked that role, then I checked the Deleted records and it was there.
Perhaps the audit table will store the data for only limited period of time, but my PDI stores data from February 2025, so let's hope you will be able to find these data.
Let me know if this helped or not
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2025 02:00 PM
☝️ This guy is right! 🎖️ I just replicated the very same thing.
The Payload can be search for the name or sys ID which is more secure than text search.
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2025 12:08 PM
Hi @Nandini Gupta,
I didn't understand your issue, could you please describe it again?
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2025 12:15 PM
Hi @GlideFather ,
User lost his Process user access but they did submit any request to remove their access. I want to check why he lost his access.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2025 12:29 PM
And what do you mean "process user access", is it some specific module, table, or anything else?
Perhaps it is another terminology than I am used to.
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-05-2025 12:47 PM
Hi @GlideFather
Process user access is for users who can get access to update or close incident, request, change records.