Skip navigation



Ever come across the scenario where you want to restrict the entries in watch list and work notes list on incident form to particular domains or want to allow all domains but prevent certain?


Below solution is a customization to out of the box functionality.


1) Configure a property as shown below. You may want to make changes to name of the property. Set the value of this property as comma separated domain ids like, etc.



2) Configure display business rule on incident form to set scratchpad variable value from system property created in step 1



(function executeRule(current, previous /*null when async*/) {

// Add your code here
g_scratchpad.blackListedDomains = gs.getProperty('u_black_listed_domains');

})(current, previous);




3) Configure onLoad client script on incident form.


function onLoad() {
   //Type appropriate comment here, and begin script below
//addEmailAddressToList('select_0incident.watch_list', gel('text.value.incident.watch_list'), 'Email address is invalid'
function alertOnBlackListedDomains() {
var blackListedDomains = g_scratchpad.blackListedDomains.split(',');

try {
var emailIcons = document.getElementsByClassName('icon icon-mail');
if (emailIcons) {
var watchListIcon = emailIcons.item(0);
var worknoteListIcon = emailIcons.item(1);

watchListIcon.addEventListener('click', function(){
var emailUserInput = gel('text.value.incident.watch_list').value;

for ( var i = 0 ; i < blackListedDomains.length; i++ ) {
if (emailUserInput.indexOf(blackListedDomains[i]) > -1) {
g_form.showFieldMsg('watch_list' , 'Email id entered is from black listed domains' , 'error');
gel('text.value.incident.watch_list').value = ' ';

worknoteListIcon.addEventListener('click', function(){
var emailUserInput = gel('text.value.incident.work_notes_list').value;

for ( var i = 0 ; i < blackListedDomains.length; i++ ) {
if (emailUserInput.indexOf(blackListedDomains[i]) > -1) {
g_form.showFieldMsg('work_notes_list' , 'Email id entered is from black listed domains' , 'error');
gel('text.value.incident.work_notes_list').value = ' ';
jslog("Error occurred onLoad script " +e);


4) To test, go to incident form and try to enter email id as in watch list of work note list field , you will notice email address is not written inside that field and error message is displayed at the bottom of the field.



5) This solution is built around the principal that certain domain email ids must be blacklisted. You may have a reverse requirement, like allow certain domains only. In that case, you will require to make changes to property name , associated changes to display business rule and onLoad client script function logic.


Note : This is a custom solution which uses DOM or document object manipulation. If ServiceNow happen to change any underlying class associated with dom element, this solution will require maintenacne.

We empower our customers to automate processes and make them run as efficiently as possible. Take client scripts, for example. In the ServiceNow system, a client script is a piece of JavaScript code that runs on the client browser. These scripts are commonly used to make forms smarter—tailor the fields to individual users, populate or validate field values, display messages, and so on.


If you're just getting started with client scripts, check out this video on our NOWSupport YouTube channel:



Client scripts can be really helpful and powerful little chunks of code, but they also have a potential dark sidethey can impact performance for the user. In this installment of our best practices series, we look at six ways you can keep client scripts from bogging down your processes.


Six ways to improve client script performance

  1. Use a UI Policy instead
  2. Reduce server lookups
  3. Avoid global client scripts
  4. Add the isLoading check to onChange scripts
  5. Add the newValue check
  6. Run server calls as late as possible within the script


Use a UI policy instead of a script

You can use UI policies to make form fields mandatory or optional, visible or hidden, or read-only or writable when certain conditions are met. It’s a good idea to use a UI policy instead of a script whenever you can. UI policies execute efficiently, and unlike with scripts, you can control the order in which multiple UI policies execute. Plus they’re easy to create, which saves you the trouble of writing the scripts.



And here’s a tip. You can run a script as part of a UI policy, but that can be tricky to troubleshoot down the road. Stick with the supplied UI policy functions if you can.


Reduce server lookups

Retrieving data from the server takes time, so make as few server requests as possible, and retrieve only the data you need.


Another way to reduce server lookups is to use g_scratchpad (in a display business rule) and GlideAjax (in any script) instead of g_form.GetReference() and GlideRecord. The first pair are more efficient because they let you choose which fields you retrieve from the server, whereas the second pair retrieve the entire record.


Avoid global client scripts

A global client script is one where the selected table is Global. Since these scripts load for every table, they load for every page in the system, including home pages and Service Catalog pages, where they’re very rarely needed.


Instead, choose a specific table for the script. If you choose a base table like Task [task] or Configuration Item [cmdb_ci], the script is loaded for pages that refer to that table or any of its child tables, but not for other pages. This helps these other pages load faster.


Add the isLoading check to onChange scripts

You typically don’t need to run onChange scripts when a form loads because they would already have run the last time a value on the form changed. To keep an onChange script from running when the form loads, check the isLoading flag at the start of the script and stop the script if it’s true, like this:


    if (isLoading)



Add the newValue check

Typically you don’t want to run a script that references a particular field if the form doesn’t contain a value for the field. To avoid this, check newValue and run the rest of the script only if it’s non-null, like this:


    if (newValue) {

    // rest of script follows


Do server calls as late as possible

Often a script will check various items available on the client (like the isLoading and newValue checks we saw earlier) before running the rest of the script. Be sure to put server calls (like GlideAjax) after these checks to prevent wasting time on the server calls.





By following these tips, you can ensure that your client scripts behave and support your processes, rather then impeding them.


For more information, see:



Behind the scenes here at ServiceNow, the Knowledge Management and Multimedia teams work closely with subject matter experts to disseminate critical information to our customers. We’ve found that certain topics come up frequently, in the form of best practices that can help you keep your ServiceNow instances running smoothly. This series targets those topics so that you and your organization can benefit from our collective expertise. If you have a best practices topic you’d like us to cover in this series, please let us know in the comments below.


To access all of the blog posts in this series, search for "nowsupport best practices series."

I Guess by now that you have both seen and heard a lot of the new cool feature of Jakarta and what you can expect from upgrading to Jakarta. So this post isn't going to be about all those new big things like Software Asset Management and so on. I have spend some time digging around in documentation and playing around in the instance to see what have been put in there without any big notice or any drumbeats.


First out is Automated Test Framework(ATF). It can with Istanbul and gave us all a good ground to stand on and start doing automated testing. what was missing there was that it all had to be started/runned manually. Not anymore =) In Jakarta they have introduced the possibility to schedule test suite executions. It will make life even better and you can OOB schedule notifications with results etc. as well. Only downside atm. is that if you have tests that involves client stuff like adding values in a form field, you will need to have a browser open with the "Scheduled Client Test Runner" so the client side will be tested there. But still automated, so only manually thing is it leave a tab with that open.

Read more about it here: Schedule automated test suite


Next stop will be Knowledge. Knowledge got a few good things in Jakarta and here are two of those that I want to highlight.

  • Article Versioning: Now you can have your articles with version. Giving your good opportunities to rollback and even work on a article without messing with the public one. I really enjoy this. Can read more about it here: Article versioning
  • Different View in Service Portal: With Jakarta there have come a own Knowledge Portal. I might not really see the use case here atm. I think this is just another brick in the game to mve a lot of the functionality from the normal "UI" to a Service Portal design instead. But the portal looks pretty much like if you go to knowledge within the normal "UI" which has much better filtering etc. And here it now gives up a some widget that we can take and reuse on our own portal page =)
    It looks something like this:

And you can read about the knowledge portal here:

Knowledge Management Service Portal


Here is a very little thing, but I really like it. Don't we all hate when small images like signature etc. in the mail becomes attachments in the ticket. Now there is a property for this you can set how big a image must be for ServiceNow to add it as a attachment. Is it below the value, ServiceNow will ignore it. You can read more about that here: Email image filtering properties


Variables belonging in the Service Catalog has gotten a nice feature. To be able to put in Placeholder in the field of the different variable. Now we can move some of the help texts to inside the field and give a nicer look. This will work both in the normal "UI" and in Service Portal view. Why they didn't name the field "Placeholder" I can't say, but the name in SeviceNow is "Example Text". and it's working on the following variable types:

  • IP Address
  • Email
  • URL
  • Single Line Text
  • Wide Single Line Text
  • Multi Line Text
  • Date
  • Date/Time


For last we have the Service Portal. I would like to put up two nice things that has been added here, even if there is a lot to choose from.

  • Draft: It is now possible to put a page in "draft" mode so it isn't visible for the end user the second you save it for the first time. Even if it's a nice feature, there might be some disadvantages of this You will find this choice in the "Edit Page Properties" in the designer:
  • Variable types: Many people may have noticed that if you went into the docs for variable types and earlier releases, most of the have a text like this:

    But now, "all" variable types are supported on Service Portal, beside those who are using Jelly. But that is pretty obvious. One thing I noticed thou is that even if they are supported, they still don't always have the same functionality as in the normal "UI". Example container which in the normal "UI" has a +/- to expand & collapse the variables inside, they still don't have that functionality in Jakarta. But they are supported at least


Well, this was a few of the hidden diamonds I found so far in Jakarta. Feel free to comment if you have something you want me to put in the list here and I'll add it.




Symfoni Logo Color Box.jpgsn-community-mvp.png


ServiceNow Witch Doctor and MVP
For all my blog posts:

POSTMAN is an extension app that can be downloaded and installed from the Chrome Web Store. It is used to test REST APIs, check the input and the output for REST methods, and view the Code used to run the request. This post is the extension of Testing REST web services through Firefox RESTClient or POSTMAN. I will describe how to use POSTMAN, and as requested will add information on how to post an attachment.


The look and feel is very similar to the Firefox RESTClient:


Learn more about POSTMAN for sending requests


How to retrieve data from a ServiceNow instance

One common test we run, is using GET to retrieve data from ServiceNow. You will run GET methods to retrieve data programmatically from ServiceNow into another tool, where it can be used for processing or reporting. The URL for the GET method can most easily be retrieved from the REST api explorer in the instance:



Each request will have a Header, where, for example authorization and content formatting information can be found, and a body, where the individual attributes will be filled.


Once the URL is entered, the authorization headers have to be filled:

postman authorize.jpg

Typically, we use Basic Auth, which is using userID and password, but the OAuth authentication method is also supported by  ServiceNow. I save the request, once I have the basics set up, to make it easier to tweak and retest.


When clicking the Send button, we can view the request


With all the additional header information:

Cache-control →no-cache,no-store,must-revalidate,max-age=-1

Content-Encoding →gzip

Content-Type →application/json;charset=UTF-8

Date →Sun, 28 May 2017 17:10:18 GMT

Expires →0

Link →<https://<instance>>;rel="first",<>;rel="prev",<>;rel="next",<>;rel="last"

Pragma →no-store,no-cache

Server →ServiceNow

Strict-Transport-Security →max-age=63072000; includeSubDomains

Transfer-Encoding →chunked

X-Is-Logged-In →true

X-Total-Count →50


POSTMAN header response result

postman get.jpg


Other basic POSTMAN features

  1. When clicking on Code on the upper right of the application, you get a sample code string:

    GET /api/now/table/incident?sysparm_query=active%3Dtrue&amp;sysparm_display_value=true&amp;sysparm_limit=1 HTTP/1.1


    Authorization: Basic YWRtaW46QWtsYXJhMjAxMi8v

    Cache-Control: no-cache

    Postman-Token: 0d9471c9-26f8-715a-2b81-c01c113087f0


    That shows you detail on how POSTMAN executed the GET command.

  2. When clicking on Params to the right of the URL, you can enter the URL parameters as key value pairs in a table, or check the parameters currently set:


  3. POSTMAN also makes troubleshooting easier with the copy to clipboard and search functions, with which you can quickly find a key value pair that you want to analyze deeper.


Create a new Incident with POSTMAN

Now that we have the basics covered, let's use postman to create a new incident in your ServiceNow instance. To create an incident, we will use the POST method.


  1. First, you will change the method to POST, and enter the URL similar to this:

  2. Then, you will have to set up the Authorization again, same as you did for the GET method.
  3. Next, set the correct content-type:


  4. Finally, the fields to fill in for your new ticket are entered in the Body tab using Key - Value pair notation in raw format:


  5. Once you have all fields filled in that you want to fill with values other than default values, you can (first save and then) send the request:


      "result": {

        "parent": "",

        "made_sla": "true",

        "caused_by": "",

        "watch_list": "",

        "upon_reject": "Cancel all future Tasks",

        "sys_updated_on": "28.05.2017 07:37:53 PM",

        "child_incidents": "0",

        "approval_history": "",

        "skills": "",

        "number": "INC0010091",

        "resolved_by": "",

        "sys_updated_by": "admin",

        "opened_by": {

          "display_value": "System Administrator",

          "link": ""


        "user_input": "",

        "sys_created_on": "28.05.2017 07:37:53 PM",

        "sys_domain": {

          "display_value": "TOP/MSP/Default",

          "link": ""


        "state": "Active",

        "task_for": "",

        "sys_created_by": "admin",

        "knowledge": "false",

        "order": "",

        "calendar_stc": "",

        "closed_at": "",

        "delivery_plan": "",

        "impact": "3 - Low",

        "active": "true",

        "work_notes_list": "",

        "business_service": "",

        "priority": "5 - Planning",

        "sys_domain_path": "!!!/!!#/!!!/",

        "rfc": "",

        "time_worked": "",

        "expected_start": "",

        "opened_at": "28.05.2017 07:37:53 PM",

        "business_duration": "",

        "group_list": "",

        "work_end": "",

        "caller_id": "",

        "resolved_at": "",

        "approval_set": "",

        "subcategory": null,

        "work_notes": "",

        "short_description": "This is a test ticket",

        "close_code": null,

        "correlation_display": "",

        "delivery_task": "",

        "work_start": "",

        "assignment_group": "",

        "additional_assignee_list": "",

        "business_stc": "",

        "description": "",

        "calendar_duration": "",

        "close_notes": "",

        "notify": "Do Not Notify",

        "sys_class_name": "Incident",

        "closed_by": "",

        "follow_up": "",

        "parent_incident": "",

        "sys_id": "29c05d89134fb200ec5450f32244b0b4",

        "contact_type": null,

        "incident_state": "New",

        "urgency": "3 - Low",

        "problem_id": "",

        "company": "",

        "reassignment_count": "0",

        "activity_due": "UNKNOWN",

        "u_some_ne_wfield": "",

        "assigned_to": {

          "display_value": "Beth Anglin",

          "link": ""


        "severity": "3 - Low",

        "comments": "",

        "approval": "Not Yet Requested",

        "sla_due": "UNKNOWN",

        "comments_and_work_notes": "",

        "due_date": "",

        "sys_mod_count": "1",

        "reopen_count": "0",

        "sys_tags": "",

        "escalation": "Normal",

        "upon_approval": "Proceed to Next Task",

        "correlation_id": "",

        "location": "",

        "category": "Inquiry / Help"




Create an new Incident with attachment using POSTMAN

Now that we have all the simple steps figured out, let's send a new ticket with an attachment. Often times an attachment helps the viewer of the incident with screen shots or specific examples, enabling a faster resolution of the issue.


I first checked, how an attachment is sent with REST API explorer: Attachment API


Then I translated that information into how to do it with POSTMAN:

  1. The URL to use:<ServiceNow dictionary name>&table_sys_id=<SysID of the record that should hold the attachment>&file_name=<name to give the file once loaded>

    • Example Headers:

      postman header.jpg

      Files need to be of content-type multipart/form-data

    • Example Body:

      postman body.jpg

      As you can see, POSTMAN allows for two types of form-data: Text for any clear text you want to pass, and File for attachments. Once you choose File, you can upload any file through the Choose Files button.

  2. Save and Send the request and the attachment will be created.

    postman servicenow.jpg

    Several images for each attachment I tried for this blog post is attached to this post below - one for each "Send" I performed.

Attachment handling is not done through the incident (or other table) API, but in a separate step. If you are writing code to create an incident that should contain an attachment, you will first create the incident, then return the sys_id of this incident to call the attachment API with that information.


I hope this information helps - please let me know if you are interested in more detail, and we can expand as needed.

Filter Blog

By date: By tag: