External content security

Australia ServiceNow AI Platform Administration

Release

australia

ft:locale

de-DE

ft:publication_title

Australia ServiceNow AI Platform Administration

ft:clusterId

platadm

bundleId

platadm

workflow

Platform

External content security for AI Search

Freigeben Version: Australia

Aktualisiert 12. März 2026

2 Minuten Lesedauer

AI Search preserves user and group security access permissions specified for documents indexed from external sources. You can control access to external content search results by mapping these externally defined users and groups to ServiceNow AI Platform® users.

For an overview of AI Search content security, see Content security in AI Search.

Requirements

To use external content security, include the following two steps in your ingestion and indexing process for external documents:


Step	Description
Specify access permissions on each external document fed for ingestion	Access permissions for an external document can allow or deny access to the document globally (for all users), or can include lists of specific externally defined users and groups who are allowed or denied access to the document. AI Search preserves the external document's security access permissions during indexing. Additional information: For an overview of specifying access permissions on external documents, see Defining access permissions for external documents. To learn about the set of access permissions supported for external content security, see External content access permissions. For details on special access permissions granted by certain user roles, see Special external content access permissions by role. To learn how to reverse the default precedence of users.read and groups.deny access permissions for an external content indexed source, see Change the precedence of user read and group deny permissions for an external content indexed source.
Define user mappings in tables linked to external content indexed sources	A user mapping specifies externally defined user and group aliases for a ServiceNow AI Platform user. Link these user mappings to indexed sources for external content. AI Search uses an indexed source's user mappings in conjunction with indexed records' access permissions to determine ServiceNow AI Platform user access for search results from the indexed source. Additional information: For an overview of user mappings, see Mapping external users and groups to ServiceNow AI Platform users. To learn about the set of externally defined security principal types supported in user mappings, see External user mapping security principal types. For instructions on creating a table to store your user mappings, see Create a user mapping table. For instructions on linking your user mapping tables to external content indexed sources, see Link a user mapping table to an external content indexed source. To learn about importing user mappings via the AI Search External User Mapping API, see Importing user mappings. For instructions on viewing user mapping import history records to confirm that user mappings imported correctly, see View history records for user mapping import operations.

Security implementation for search queries

When a user's search query matches an indexed record created from an external document, AI Search performs these steps:

Examines the user mappings linked to the record's indexed source and retrieves the set of all externally defined users and groups aliased to the current ServiceNow AI Platform user's account.
Compares the mapped set of externally defined user and group aliases with the access permissions on the indexed search result record to see whether the ServiceNow AI Platform user should be allowed to view the search result.