Client scripts

  • Release version: Yokohama
  • Updated May 18, 2026
  • 3 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Client scripts

    Client scripts in ServiceNow enable running JavaScript in the user's web browser to respond to client-side events such as form loading, field value changes, and form submission. They allow you to dynamically configure forms and field behavior to improve the user experience by making fields visible or hidden, read-only or writable, mandatory or optional, setting field values conditionally, modifying choice lists, and displaying messages based on field values.

    Show full answer Show less

    Important: Client scripts are designed to enhance the user interface and should not be relied upon for data security. To protect sensitive data, use Access Control Lists (ACLs) or data policies.

    Where Client Scripts Run

    • Client scripts generally run on forms and search pages, except for onCellEdit() scripts which run on list editors.
    • Client scripts do not run on ServiceNow mobile applications.
    • To control field values on lists (outside of onCellEdit()), use ACLs, business rules, data policies, or disable list editing.

    Client Script Configuration

    When creating a client script, you configure the following key fields:

    • Name: Identifies the script.
    • Table: Specifies the table the script applies to.
    • UI Type: Defines where the script runs (Desktop, Mobile/Portal, or All).
    • Type: Determines when the script runs:
      • onLoad(): Executes when the form loads, used for setting default values or manipulating form fields.
      • onSubmit(): Runs on form submission, typically to validate entries and can cancel submission if needed.
      • onChange(): Fires when a specific field value changes on a form, providing access to old and new values.
      • onCellEdit(): Executes when a list cell is edited, supporting validation in list editors.
    • Field Name: Used for onChange() or onCellEdit() scripts to specify the target field.
    • Application: Application scope of the script.
    • Active: Enables or disables the script.
    • Inherited: Indicates if the script applies to extended tables.
    • Global and View: Controls script execution across all views or specific views.
    • Description: Explains the script’s purpose.
    • Messages: Defines localized messages accessible in the script.
    • Script: Contains the JavaScript code.
    • Isolate script: By default, scripts run in strict mode disabling direct DOM and global object access to enhance security. This can be disabled per script if DOM access is required.

    Practical Considerations for ServiceNow Customers

    • Use client scripts to tailor form behavior dynamically and enhance user experience during data entry.
    • Combine client scripts with ACLs and data policies to enforce security and data integrity.
    • Choose the appropriate script type based on when you need the logic to run (load, change, submit, or list edit).
    • Be aware that client scripts do not run in the ServiceNow mobile interface, so plan accordingly for mobile users.
    • Use the UI Type setting to control where your client scripts execute, ensuring they only run in intended interfaces.
    • Leverage the Isolate script option to balance between security and necessary DOM manipulations.

    Client scripts allow the system to run JavaScript on the client (web browser) when client-based events occur, such as when a form loads, after form submission, or when a field changes value.

    Use client scripts to configure forms, form fields, and field values while the user is using the form. Client scripts can:

    • make fields hidden or visible
    • make fields read only or writable
    • make fields optional or mandatory based on the user's role
    • set the value in one field based on the value in other fields
    • modify the options in a choice list based on a user's role
    • display messages based on a value in a field
    Warning:

    Client scripts are intended to optimize the user experience on a form. Client scripts are not meant to protect unwanted access to data.

    To prevent unwanted access to data, ensure that sensitive fields are hidden or read-only through ACLs or data policies.

    For more information, see Access Control List Rules or Data policy.

    Where client scripts run

    With the exception of onCellEdit() client scripts, client scripts only apply to forms and search pages. If you create a client script to control field values on a form, you must use one of these other methods to control field values when on a list.
    • Create an access control to restrict who can edit field values.
    • Create a business rule to validate content.
    • Create a data policy to validate content.
    • Create an onCellEdit() client script to validate content.
    • Disable list editing for the table.
    Note:
    Client scripts are not supported on ServiceNow mobile applications.

    Client script form

    Field Description
    Name Name of the client script.
    Table Table to which the client script applies.
    UI Type Target user interface to which the client script applies.
    • Desktop: The script runs only in the desktop Core UI.
    • Mobile / Service Portal: The script runs only in mobile, portal, or configurable workspace UIs.
    • All: The script executes across all available UIs.
    Type

    onLoad() — runs when the system first renders the form and before users can enter data. Typically, onLoad() client scripts perform client-side-manipulation of the current form or set default record values.

    onSubmit() — runs when a form is submitted. Typically, onSubmit() scripts validate things on the form and ensure that the submission makes sense. An onSubmit() client script can cancel form submission by returning a value of false.

    onChange() — runs when a particular field value changes on the form. The onChange() client script must specify these parameters.
    • control: the DHTML widget whose value changed.
      Note:
      control is not accessible in mobile and service portal.
    • oldValue: the value the widget had when the record was loaded.
      Note:
      Old values aren't returned for the HTML field type.
    • newValue: the value the widget has after the change.
    • isLoading: identifies whether the change occurs as part of a form load.
    • isTemplate: identifies whether the change occurs as part of a template load.
    onCellEdit() — runs when the list editor changes a cell value. The onCellEdit() client script must specify these parameters.
    • sysIDs: an array of the sys_ids for all items being edited.
    • table: the table of the items being edited.
    • oldValues: the old values of the cells being edited.
    • newValue: the new value for the cells being edited.
    • callback: a callback that continues the execution of any other related cell edit scripts. If true is passed as a parameter, the other scripts are executed or the change is committed if there are no more scripts. If false is passed as a parameter, any further scripts are not executed and the change is not committed.
    Field Name Name of the field to which the script applies. Available only if the script responds to a field value change (onChange or onCellEdit script types).
    Application Application where this client script resides.
    Active Enables the client script when selected. Unselect this field to disable the client script.
    Inherited Indicates whether the client script applies to extended tables.
    Global If true, the client script runs on all views of the table.
    View Only visible when Global is unselected. Views on which the client script will run.
    Description Content describing the functionality and purpose of the client script.
    Messages Text string (one per line) available to the client script as localized messages using getmessage('[message]'). For additional information, see Translate a client script message.
    Script Contains the client script.
    Isolate script New client scripts are run in strict mode, in which direct DOM access is turned off. Access to jQuery, prototype, and the window object are also turned off by default. To enable DOM access on a per-script basis, leave the Isolate script option cleared. To turn off strict mode for all new globally scoped client scripts, set the glide.script.block.client.globals system property to false.