Home London Platform Capabilities Now Platform capabilities Knowledge Management Knowledge manager Select user criteria for a knowledge base

Select user criteria for a knowledge base

You can specify user criteria to control which users can create, read, and write knowledge articles within a knowledge base.

Before you begin

Role required: knowledge_manager, knowledge_admin, or admin

About this task

User criteria refers to knowledge base records that determine the users who can read or contribute to a knowledge base. Users who have write access can also initiate the retirement workflow for an article. So, indirectly user criteria control who can submit an article for the retirement workflow.

User criteria definitions:

canRead: users who can read all knowledge base articles
cantRead: users who cannot read, create, or modify articles in the knowledge base
canContribute: users who can read, create, and modify articles in the knowledge base
cantContribute: users who cannot create or modify articles in the knowledge base

Set user criteria for a knowledge base without explicit roles

If a knowledge base has no user criteria defined, all users (including unauthenticated users) can read its articles. Any user having at least one role can create and edit articles, unless they are members of the cantContribute user criteria. If a knowledge base has canRead user criteria, but no canContribute user criteria, all users with at least one role can access and modify the knowledge base.

Set user criteria for a knowledge base with explicit roles

If you create a new knowledge base with the Explicit Roles plugin active, only users with snc_internal role can access the knowledge base. To make all existing knowledge bases that do not have the canRead or canContribute user criteria accessible only to users with the snc_internal role, activate and run the Fix unsecured knowledge bases fix script.

This video demonstrates how to control Knowledge Management access through user criteria.

Important: After making user criteria additions or changes, you may need to log out and back in to clear the prior configuration.

Procedure

Navigate to Knowledge > Knowledge Bases.
Select a knowledge base you manage.

Access one of these related lists, and then select or create user criteria records.

Option	Description
Can read	Users who meet one of these criteria can read articles in this knowledge base.
Can contribute	Users who meet one of these criteria can create and edit articles in this knowledge base.

Result

Table 1. Order of System Validation (L->R)
Contribute		Read		Result
cantContribute (1)	canContribute (2)	cantRead (3)	canRead (4)	Permissions on KB (in the following order)
empty	empty	empty	empty	All Users with role -> Create All Users (including unauthenticated users) -> Read
empty	empty	empty	User A	All Users with role -> Create User A -> Read All Users with role -> Read
empty	empty	User B	empty	All Users with role -> Create User B → Denied Read All Users (including unauthenticated users) -> Read
empty	empty	User B	User A	All Users with role -> Create User A -> Read User B → Denied Read All Users with role -> Read


Contribute		Read		Result
cantContribute (1)	canContribute (2)	cantRead (3)	canRead (4)	Permissions on KB (in the following order)
empty	User C	empty	empty	User C -> Create All Users (including unauthenticated users) -> Read
empty	User C	empty	User A	User C -> Create, Read User A -> Read
empty	User C	User B	empty	User C -> Create, Read User B -> Denied Read All Other Users -> Read
empty	User C	User B	User A	User C -> Create, Read User B -> Denied Read User A -> Read


Contribute		Read		Result
cantContribute (1)	canContribute (2)	cantRead (3)	canRead (4)	Permissions on KB (in the following order)
User D	empty	empty	empty	User D -> Denied Create All Other Users with role -> Create All Users (including unauthenticated users) -> Read
User D	empty	empty	User A	User D -> Denied Create, Read All Other Users with role -> Create User A -> Read All Users with role -> Read
User D	empty	User B	empty	User D -> Denied Create All Other Users with role -> Create User B -> Denied Read All Users (including unauthenticated users) -> Read
User D	empty	User B	User A	User D -> Denied Create, Read All Other Users with role -> Create User A -> Read All Users with role -> Read User B -> Denied Read


Contribute		Read		Result
cantContribute (1)	canContribute (2)	cantRead (3)	canRead (4)	Permissions on KB (in the following order)
User D	User C	empty	empty	User D -> Denied Create User C -> Create, Read All Users (including unauthenticated users) -> Read
User D	User C	empty	User A	User D -> Denied Create, Read User C -> Create, Read User A -> Read
User D	User C	User B	empty	User D -> Denied Create User C -> Create, Read User B -> Denied Read All Other Users -> Read
User D	User C	User B	User A	User D -> Denied Create, Read User C -> Create, Read User B -> Denied Read User A -> Read

Note: In the tables of rules, an implicit last rule is: All Users -> Denied Create, Read.

Previous topic

Next topic

Release version

Select user criteria for a knowledge base

You can specify user criteria to control which users can create, read, and write knowledge articles within a knowledge base.

Before you begin

Role required: knowledge_manager, knowledge_admin, or admin

About this task

User criteria definitions:

canRead: users who can read all knowledge base articles
cantRead: users who cannot read, create, or modify articles in the knowledge base
canContribute: users who can read, create, and modify articles in the knowledge base
cantContribute: users who cannot create or modify articles in the knowledge base

Set user criteria for a knowledge base without explicit roles

Set user criteria for a knowledge base with explicit roles

This video demonstrates how to control Knowledge Management access through user criteria.

Important: After making user criteria additions or changes, you may need to log out and back in to clear the prior configuration.

Procedure

Navigate to Knowledge > Knowledge Bases.
Select a knowledge base you manage.

Access one of these related lists, and then select or create user criteria records.

Option	Description
Can read	Users who meet one of these criteria can read articles in this knowledge base.
Can contribute	Users who meet one of these criteria can create and edit articles in this knowledge base.

Result

Table 1. Order of System Validation (L->R)
Contribute		Read		Result
cantContribute (1)	canContribute (2)	cantRead (3)	canRead (4)	Permissions on KB (in the following order)
empty	empty	empty	empty	All Users with role -> Create All Users (including unauthenticated users) -> Read
empty	empty	empty	User A	All Users with role -> Create User A -> Read All Users with role -> Read
empty	empty	User B	empty	All Users with role -> Create User B → Denied Read All Users (including unauthenticated users) -> Read
empty	empty	User B	User A	All Users with role -> Create User A -> Read User B → Denied Read All Users with role -> Read


Contribute		Read		Result
cantContribute (1)	canContribute (2)	cantRead (3)	canRead (4)	Permissions on KB (in the following order)
empty	User C	empty	empty	User C -> Create All Users (including unauthenticated users) -> Read
empty	User C	empty	User A	User C -> Create, Read User A -> Read
empty	User C	User B	empty	User C -> Create, Read User B -> Denied Read All Other Users -> Read
empty	User C	User B	User A	User C -> Create, Read User B -> Denied Read User A -> Read


Contribute		Read		Result
cantContribute (1)	canContribute (2)	cantRead (3)	canRead (4)	Permissions on KB (in the following order)
User D	empty	empty	empty	User D -> Denied Create All Other Users with role -> Create All Users (including unauthenticated users) -> Read
User D	empty	empty	User A	User D -> Denied Create, Read All Other Users with role -> Create User A -> Read All Users with role -> Read
User D	empty	User B	empty	User D -> Denied Create All Other Users with role -> Create User B -> Denied Read All Users (including unauthenticated users) -> Read
User D	empty	User B	User A	User D -> Denied Create, Read All Other Users with role -> Create User A -> Read All Users with role -> Read User B -> Denied Read


Contribute		Read		Result
cantContribute (1)	canContribute (2)	cantRead (3)	canRead (4)	Permissions on KB (in the following order)
User D	User C	empty	empty	User D -> Denied Create User C -> Create, Read All Users (including unauthenticated users) -> Read
User D	User C	empty	User A	User D -> Denied Create, Read User C -> Create, Read User A -> Read
User D	User C	User B	empty	User D -> Denied Create User C -> Create, Read User B -> Denied Read All Other Users -> Read
User D	User C	User B	User A	User D -> Denied Create, Read User C -> Create, Read User B -> Denied Read User A -> Read

Note: In the tables of rules, an implicit last rule is: All Users -> Denied Create, Read.

How search works:

Topics are ranked in search results by how closely they match your search terms

Select user criteria for a knowledge base

Select user criteria for a knowledge base

On this page

Select user criteria for a knowledge base

Select user criteria for a knowledge base

Log in to personalize your search results and subscribe to topics