Product documentation Docs
    • English
    • Deutsch
    • 日本語
    • 한국어
    • Français
  • More Sites
    • Now Community
    • Developer Site
    • Knowledge Base
    • Product Information
    • ServiceNow.com
    • Training
    • Customer Success Center
    • ServiceNow Support Videos
  • Log in

Product documentation

  • Home
How search works:
  • Punctuation and capital letters are ignored
  • Special characters like underscores (_) are removed
  • Known synonyms are applied
  • The most relevant topics (based on weighting and matching to search terms) are listed first in search results
Topics are ranked in search results by how closely they match your search terms
  • A match on the entire phrase you typed
  • A match on part of the phrase you typed
  • A match on ALL of the terms in the phrase you typed
  • A match on ANY of the terms in the phrase you typed

Note: Matches in titles are always highly ranked.

  • Release version
    Table of Contents
    • Now Platform capabilities
Table of Contents
Choose your release version
    Home London Platform Capabilities Now Platform capabilities Knowledge Management Knowledge manager Select user criteria for a knowledge base

    Select user criteria for a knowledge base

    • Save as PDF Selected topic Topic & subtopics All topics in contents
    • Unsubscribe Log in to subscribe to topics and get notified when content changes.
    • Share this page

    Select user criteria for a knowledge base

    You can specify user criteria to control which users can create, read, and write knowledge articles within a knowledge base.

    Before you begin

    Role required: knowledge_manager, knowledge_admin, or admin

    About this task

    User criteria refers to knowledge base records that determine the users who can read or contribute to a knowledge base. Users who have write access can also initiate the retirement workflow for an article. So, indirectly user criteria control who can submit an article for the retirement workflow.
    User criteria definitions:
    canRead
    users who can read all knowledge base articles
    cantRead
    users who cannot read, create, or modify articles in the knowledge base
    canContribute
    users who can read, create, and modify articles in the knowledge base
    cantContribute
    users who cannot create or modify articles in the knowledge base
    Set user criteria for a knowledge base without explicit roles

    If a knowledge base has no user criteria defined, all users (including unauthenticated users) can read its articles. Any user having at least one role can create and edit articles, unless they are members of the cantContribute user criteria. If a knowledge base has canRead user criteria, but no canContribute user criteria, all users with at least one role can access and modify the knowledge base.

    Set user criteria for a knowledge base with explicit roles

    If you create a new knowledge base with the Explicit Roles plugin active, only users with snc_internal role can access the knowledge base. To make all existing knowledge bases that do not have the canRead or canContribute user criteria accessible only to users with the snc_internal role, activate and run the Fix unsecured knowledge bases fix script.

    This video demonstrates how to control Knowledge Management access through user criteria.

    Important: After making user criteria additions or changes, you may need to log out and back in to clear the prior configuration.

    Procedure

    1. Navigate to Knowledge > Knowledge Bases.
    2. Select a knowledge base you manage.
    3. Access one of these related lists, and then select or create user criteria records.
      OptionDescription
      Can read Users who meet one of these criteria can read articles in this knowledge base.
      Can contribute Users who meet one of these criteria can create and edit articles in this knowledge base.

    Result

    Table 1. Order of System Validation (L->R)
    Contribute Read Result
    cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
    empty empty empty empty
    1. All Users with role -> Create
    2. All Users (including unauthenticated users) -> Read
    empty empty empty User A
    1. All Users with role -> Create
    2. User A -> Read
    3. All Users with role -> Read
    empty empty User B empty
    1. All Users with role -> Create
    2. User B → Denied Read
    3. All Users (including unauthenticated users) -> Read
    empty empty User B User A
    1. All Users with role -> Create
    2. User A -> Read
    3. User B → Denied Read
    4. All Users with role -> Read
    Contribute Read Result
    cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
    empty User C empty empty
    1. User C -> Create
    2. All Users (including unauthenticated users) -> Read
    empty User C empty User A
    1. User C -> Create, Read
    2. User A -> Read
    empty User C User B empty
    1. User C -> Create, Read
    2. User B -> Denied Read
    3. All Other Users -> Read
    empty User C User B User A
    1. User C -> Create, Read
    2. User B -> Denied Read
    3. User A -> Read
    Contribute Read Result
    cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
    User D empty empty empty
    1. User D -> Denied Create
    2. All Other Users with role -> Create
    3. All Users (including unauthenticated users) -> Read
    User D empty empty User A
    1. User D -> Denied Create, Read
    2. All Other Users with role -> Create
    3. User A -> Read
    4. All Users with role -> Read
    User D empty User B empty
    1. User D -> Denied Create
    2. All Other Users with role -> Create
    3. User B -> Denied Read
    4. All Users (including unauthenticated users) -> Read
    User D empty User B User A
    1. User D -> Denied Create, Read
    2. All Other Users with role -> Create
    3. User A -> Read
    4. All Users with role -> Read
    5. User B -> Denied Read
    Contribute Read Result
    cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
    User D User C empty empty
    1. User D -> Denied Create
    2. User C -> Create, Read
    3. All Users (including unauthenticated users) -> Read
    User D User C empty User A
    1. User D -> Denied Create, Read
    2. User C -> Create, Read
    3. User A -> Read
    User D User C User B empty
    1. User D -> Denied Create
    2. User C -> Create, Read
    3. User B -> Denied Read
    4. All Other Users -> Read
    User D User C User B User A
    1. User D -> Denied Create, Read
    2. User C -> Create, Read
    3. User B -> Denied Read
    4. User A -> Read
    Note: In the tables of rules, an implicit last rule is: All Users -> Denied Create, Read.
    Related tasks
    • Pin a knowledge article
    • Create a user criteria record in Knowledge Management
    • Enable user criteria system property to override role read access
    • Select user criteria for an article
    • Define a knowledge article category
    • Assign a knowledge base manager

    Tags:

    Feedback
    On this page

    Previous topic

    Next topic

    • Contact Us
    • Careers
    • Terms of Use
    • Privacy Statement
    • Sitemap
    • © ServiceNow. All rights reserved.

    Release version
    Choose your release version

      Select user criteria for a knowledge base

      • Save as PDF Selected topic Topic & subtopics All topics in contents
      • Unsubscribe Log in to subscribe to topics and get notified when content changes.
      • Share this page

      Select user criteria for a knowledge base

      You can specify user criteria to control which users can create, read, and write knowledge articles within a knowledge base.

      Before you begin

      Role required: knowledge_manager, knowledge_admin, or admin

      About this task

      User criteria refers to knowledge base records that determine the users who can read or contribute to a knowledge base. Users who have write access can also initiate the retirement workflow for an article. So, indirectly user criteria control who can submit an article for the retirement workflow.
      User criteria definitions:
      canRead
      users who can read all knowledge base articles
      cantRead
      users who cannot read, create, or modify articles in the knowledge base
      canContribute
      users who can read, create, and modify articles in the knowledge base
      cantContribute
      users who cannot create or modify articles in the knowledge base
      Set user criteria for a knowledge base without explicit roles

      If a knowledge base has no user criteria defined, all users (including unauthenticated users) can read its articles. Any user having at least one role can create and edit articles, unless they are members of the cantContribute user criteria. If a knowledge base has canRead user criteria, but no canContribute user criteria, all users with at least one role can access and modify the knowledge base.

      Set user criteria for a knowledge base with explicit roles

      If you create a new knowledge base with the Explicit Roles plugin active, only users with snc_internal role can access the knowledge base. To make all existing knowledge bases that do not have the canRead or canContribute user criteria accessible only to users with the snc_internal role, activate and run the Fix unsecured knowledge bases fix script.

      This video demonstrates how to control Knowledge Management access through user criteria.

      Important: After making user criteria additions or changes, you may need to log out and back in to clear the prior configuration.

      Procedure

      1. Navigate to Knowledge > Knowledge Bases.
      2. Select a knowledge base you manage.
      3. Access one of these related lists, and then select or create user criteria records.
        OptionDescription
        Can read Users who meet one of these criteria can read articles in this knowledge base.
        Can contribute Users who meet one of these criteria can create and edit articles in this knowledge base.

      Result

      Table 1. Order of System Validation (L->R)
      Contribute Read Result
      cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
      empty empty empty empty
      1. All Users with role -> Create
      2. All Users (including unauthenticated users) -> Read
      empty empty empty User A
      1. All Users with role -> Create
      2. User A -> Read
      3. All Users with role -> Read
      empty empty User B empty
      1. All Users with role -> Create
      2. User B → Denied Read
      3. All Users (including unauthenticated users) -> Read
      empty empty User B User A
      1. All Users with role -> Create
      2. User A -> Read
      3. User B → Denied Read
      4. All Users with role -> Read
      Contribute Read Result
      cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
      empty User C empty empty
      1. User C -> Create
      2. All Users (including unauthenticated users) -> Read
      empty User C empty User A
      1. User C -> Create, Read
      2. User A -> Read
      empty User C User B empty
      1. User C -> Create, Read
      2. User B -> Denied Read
      3. All Other Users -> Read
      empty User C User B User A
      1. User C -> Create, Read
      2. User B -> Denied Read
      3. User A -> Read
      Contribute Read Result
      cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
      User D empty empty empty
      1. User D -> Denied Create
      2. All Other Users with role -> Create
      3. All Users (including unauthenticated users) -> Read
      User D empty empty User A
      1. User D -> Denied Create, Read
      2. All Other Users with role -> Create
      3. User A -> Read
      4. All Users with role -> Read
      User D empty User B empty
      1. User D -> Denied Create
      2. All Other Users with role -> Create
      3. User B -> Denied Read
      4. All Users (including unauthenticated users) -> Read
      User D empty User B User A
      1. User D -> Denied Create, Read
      2. All Other Users with role -> Create
      3. User A -> Read
      4. All Users with role -> Read
      5. User B -> Denied Read
      Contribute Read Result
      cantContribute (1) canContribute (2) cantRead (3) canRead (4) Permissions on KB (in the following order)
      User D User C empty empty
      1. User D -> Denied Create
      2. User C -> Create, Read
      3. All Users (including unauthenticated users) -> Read
      User D User C empty User A
      1. User D -> Denied Create, Read
      2. User C -> Create, Read
      3. User A -> Read
      User D User C User B empty
      1. User D -> Denied Create
      2. User C -> Create, Read
      3. User B -> Denied Read
      4. All Other Users -> Read
      User D User C User B User A
      1. User D -> Denied Create, Read
      2. User C -> Create, Read
      3. User B -> Denied Read
      4. User A -> Read
      Note: In the tables of rules, an implicit last rule is: All Users -> Denied Create, Read.
      Related tasks
      • Pin a knowledge article
      • Create a user criteria record in Knowledge Management
      • Enable user criteria system property to override role read access
      • Select user criteria for an article
      • Define a knowledge article category
      • Assign a knowledge base manager

      Tags:

      Feedback

          Share this page

          Got it! Feel free to add a comment
          To share your product suggestions, visit the Idea Portal.
          Please let us know how to improve this content

          Check any that apply

          To share your product suggestions, visit the Idea Portal.
          Confirm

          We were unable to find "Coaching" in Jakarta. Would you like to search instead?

          No Yes
          • Contact Us
          • Careers
          • Terms of Use
          • Privacy Statement
          • Sitemap
          • © ServiceNow. All rights reserved.

          Subscribe Subscribed Unsubscribe Last updated: Tags: January February March April May June July August September October November December No Results Found Versions Search preferences successfully updated My release version successfully updated My release version successfully deleted An error has occurred. Please try again later. You have been unsubscribed from all topics. You are now subscribed to and will receive notifications if any changes are made to this page. You have been unsubscribed from this content Thank you for your feedback. Form temporarily unavailable. Please try again or contact  docfeedback@servicenow.com  to submit your comments. The topic you requested does not exist in the release. You were redirected to a related topic instead. The available release versions for this topic are listed There is no specific version for this documentation. Explore products Click to go to the page. Release notes and upgrades Click to open the dropdown menu. Delete Remove No selected version Reset This field is required You are already subscribed to this topic Attach screenshot The file you uploaded exceeds the allowed file size of 20MB. Please try again with a smaller file. Please complete the reCAPTCHA step to attach a screenshot
          Log in to personalize your search results and subscribe to topics
          No, thanks Login