- My View
We have a encrypted text field in our incident table that I need to hide from the Available Fields combobox in the report form. We have conditions that allow users to read/write to it but I want nobody to be able to include the field on a report.
I understand that the "report-on" ACL does not work for fields.
Any thoughts on how this can be accomplished?
Have you tried imposing ACL on that field and restricting it to only a few roles?
Thank you for the quick response.
I discovered the following during some trial-and-error:
- In order to have the encrypted text field not be listed in the Available Fields combobox on the Report form, I'd have to add the "nobody" or "admin" role to the Requires role in the encrypted field's "read" ACL. The problem is that the field won't be visible on the incident form. It seems you can't just remove a field from the reporting selection without removing it from other parts of ServiceNow.
- The read ACL applies when the field is added to a report. To prove this, I logged in as myself, retrieved a list of incidents assigned to me and I was able to see the encrypted field's data for some incidents. I impersonated another user, retrieved the list of incidents assigned to me and the encrypted field did not display the data.