Hi community,We're running into a permissions gap with our ServiceNow Knowledge Base content ingested into Moveworks Internal Knowledge. Users who are Knowledge Base managers or contributors in ServiceNow are not being served articles through the bot — they receive a "no permission" response in the permission checker even though ServiceNow implicitly grants them read access.I understand why this happens — Moveworks evaluates access strictly against the Can Read User Criteria records and doesn't inherit implicit ServiceNow access for contributor/manager roles. What we'd love to know:Has anyone found a way to scope Additional Access DSL rules more granularly — for example, per KB or per article category — rather than granting blanket access? Is there a supported way to ingest ServiceNow KB Manager/Contributor role assignments as user attributes so they can be referenced in DSL rules? Are there any other patterns (custom user tags, ingestion mappings, permission rule strategies) that teams have used to bridge this gap without fully rebuilding User Criteria in ServiceNow?Any tips or examples from folks who've tackled this would be really appreciated. Happy to share more details about our current setup if helpful!

Question

ServiceNow knowledge permissions

Forum|Forum|5 days ago
May 19, 2026
0 replies
8 views

Joel.Matias
New Participant

Hi community,

We're running into a permissions gap with our ServiceNow Knowledge Base content ingested into Moveworks Internal Knowledge. Users who are Knowledge Base managers or contributors in ServiceNow are not being served articles through the bot — they receive a "no permission" response in the permission checker even though ServiceNow implicitly grants them read access.

I understand why this happens — Moveworks evaluates access strictly against the Can Read User Criteria records and doesn't inherit implicit ServiceNow access for contributor/manager roles.

What we'd love to know:

Has anyone found a way to scope Additional Access DSL rules more granularly — for example, per KB or per article category — rather than granting blanket access?
Is there a supported way to ingest ServiceNow KB Manager/Contributor role assignments as user attributes so they can be referenced in DSL rules?
Are there any other patterns (custom user tags, ingestion mappings, permission rule strategies) that teams have used to bridge this gap without fully rebuilding User Criteria in ServiceNow?

Any tips or examples from folks who've tackled this would be really appreciated. Happy to share more details about our current setup if helpful!

Sign up

If you're a Moveworks customer, you can click the SSO button below to login-even if it's your first time. Everyone else can use email or click create an account above to register.

Login or create an account

If you're a Moveworks customer, you can click the SSO button below to login-even if it's your first time. Everyone else can use email or click create an account above to register.

Scanning file for viruses.

This file cannot be downloaded