Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • Madrid
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close
Home London Platform Capabilities Now Platform Capabilities Knowledge Management Knowledge manager Select user criteria for a knowledge base
  • Versions
  • Products

Contents

Select user criteria for a knowledge base

Log in to subscribe to topics and get notified when content changes.

SAVE AS PDF

Select user criteria for a knowledge base

You can specify user criteria to control which users can create, read, write, and retire knowledge articles within a knowledge base.

Before you begin

Role required: knowledge_manager, knowledge_admin, or admin

About this task

User criteria refers to knowledge base records that determine the users who can read or contribute to a knowledge base. User criteria definitions:
canRead
users who can read all knowledge base articles
cantRead
users who cannot read, create, or modify articles in the knowledge base
canContribute
users who can read, create, and modify articles in the knowledge base
cantContribute
users who cannot create or modify articles in the knowledge base
Set user criteria for a knowledge base without explicit roles

If a knowledge base has no user criteria defined, all users can read its articles. Any user having at least one role can create and edit articles, unless they are members of the cantContribute user criteria. If a knowledge base has canRead user criteria, but no canContribute user criteria, all users with at least one role can access and modify the knowledge base.

Set user criteria for a knowledge base with explicit roles

If you create a new knowledge base with the Explicit Roles plugin active, only users with snc_internal role can access the knowledge base. To make all existing knowledge bases that do not have the canRead or canContribute user criteria accessible only to users with the snc_internal role, activate and run the Fix unsecured knowledge bases fix script.

This video demonstrates how to control Knowledge Management access through user criteria.

Procedure

  1. Navigate to Knowledge > Knowledge Bases.
  2. Select a knowledge base you manage.
  3. Access one of these related lists, and then select or create user criteria records.
    OptionDescription
    Can read Users who meet one of these criteria can read articles in this knowledge base.
    Can contribute Users who meet one of these criteria can create and edit articles in this knowledge base.

Result

Table 1. Order of System Validation (L->R)
Contribute Read Result
cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
empty empty empty empty
  1. All Users with role -> Create
  2. All Users -> Read
empty empty empty User A
  1. All Users with role -> Create
  2. User A -> Read
  3. All Users with role -> Read
empty empty User B empty
  1. All Users with role -> Create
  2. User B → Denied Read
  3. All Users -> Read
empty empty User B User A
  1. All Users with role -> Create
  2. User A -> Read
  3. User B → Denied Read
  4. All Users with role -> Read
Contribute Read Result
cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
empty User C empty empty
  1. User C -> Create
  2. All Users -> Read
empty User C empty User A
  1. User C -> Create, Read
  2. User A -> Read
empty User C User B empty
  1. User C -> Create, Read
  2. User B -> Denied Read
  3. All Other Users -> Read
empty User C User B User A
  1. User C -> Create, Read
  2. User B -> Denied Read
  3. User A -> Read
Contribute Read Result
cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
User D empty empty empty
  1. User D -> Denied Create
  2. All Other Users with role -> Create
  3. All Users -> Read
User D empty empty User A
  1. User D -> Denied Create, Read
  2. All Other Users with role -> Create
  3. User A -> Read
  4. All Users with role -> Read
User D empty User B empty
  1. User D -> Denied Create
  2. All Other Users with role -> Create
  3. User B -> Denied Read
  4. All Users -> Read
User D empty User B User A
  1. User D -> Denied Create, Read
  2. All Other Users with role -> Create
  3. User A -> Read
  4. All Users with role -> Read
Contribute Read Result
cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
User D User C empty empty
  1. User D -> Denied Create
  2. User C -> Create, Read
  3. All Users -> Read
User D User C empty User A
  1. User D -> Denied Create, Read
  2. User C -> Create, Read
  3. User A -> Read
User D User C User B empty
  1. User D -> Denied Create
  2. User C -> Create, Read
  3. User B -> Denied Read
  4. All Other Users -> Read
User D User C User B User A
  1. User D -> Denied Create, Read
  2. User C -> Create, Read
  3. User B -> Denied Read
  4. User A -> Read
Note: In the tables of rules, an implicit last rule is: All Users -> Denied Create, Read.
Send Feedback
Feedback