---
title: Use custom table fields in user criteria records
slug: l2be0198
canonical_url: https://docs.coveo.com/en/l2be0198/
collection: coveo-for-servicenow
source_format: adoc
---
# Use custom table fields in user criteria records
This article describes how to use custom table fields in a ServiceNow user criteria record with advanced (scripted) permissions to replicate the ServiceNow user [permissions](https://docs.coveo.com/en/223/) and index  who can access [source](https://docs.coveo.com/en/246/) [items](https://docs.coveo.com/en/210/) through a Coveo-powered search interface in ServiceNow.

> **Note**
>
> The **Match All** option in the user criteria record must be disabled to use custom table fields to index security permissions for Coveo for ServiceNow.

Though Coveo for ServiceNow supports base user criteria permissions in ServiceNow, user criteria records with advanced permissions aren't supported by default.
If you chose to replicate the ServiceNow item permission system in your Coveo-powered search interface by selecting the **Same users and groups as in your content system** [content security](https://docs.coveo.com/en/2107#content-security-tab) option, you can use custom table fields to retrieve user email information from a ServiceNow user criteria record.

The custom table fields allow the [security identity provider](https://docs.coveo.com/en/242/) associated to your ServiceNow source to query a system table that's referenced in a user criteria scripted permission and index the security permissions.

By default, the ServiceNow security provider in your [Coveo organization](https://docs.coveo.com/en/185/) checks for the presence of three Coveo-specific table fields in user criteria records based on the following preset column (field) names.

* `u_coveo_table`: Specifies the system table to query.
* `u_coveo_query`: Specifies the filter or condition to apply to the query in the system table.
* `u_coveo_output`: Specifies the fields from which to retrieve user emails in the system table.

To use custom table fields to index security permissions from a user criteria record with advanced permissions:

. [Add Coveo-specific table fields to user criteria records](https://docs.coveo.com/en/l2be0198#add-coveo-specific-table-fields-to-user-criteria-records).
. [Populate the custom table fields in a user criteria record](https://docs.coveo.com/en/l2be0198#populate-table-field-data-in-a-user-criteria-record).

> **Note**
>
> Instead of creating Coveo-specific table fields, you can [use your existing custom table fields](https://docs.coveo.com/en/l2be0198#use-existing-table-fields).
> Since the ServiceNow security provider can only check for one set of three custom fields, you must either use Coveo-specific table fields or your existing table fields.

## Add Coveo-specific table fields to user criteria records

. Access the Now Platform UI of your ServiceNow instance.
. Navigate to **System Definition** > **Tables**.
. Find and open the **User Criteria** system table.
. Create the `u_coveo_table` field:
 .. On the **Columns** tab, click **New**.
 .. In the **Type** field, enter `String`.
 .. In the **Column label** field, enter `Table`.
 .. In the **Column name** field, enter `u_coveo_table`.
 .. In the **Max length** field, enter the maximum number of characters (that is, `255`).
 .. Click **Submit**.
. Create the `u_coveo_query` field:
 .. On the **Columns** tab, click **New**.
 .. In the **Type** field, enter `String`.
 .. In the **Column label** field, enter `Query`.
 .. In the **Column name** field, enter `u_coveo_query`.
 .. In the **Max length** field, enter the maximum number of characters (that is, `255`).
 .. Click **Submit**.
. Create the `u_coveo_output` field:
 .. On the **Columns** tab, click **New**.
 .. In the **Type** field, enter `String`.
 .. In the **Column label** field, enter `Fields`.
 .. In the **Column name** field, enter `u_coveo_output`.
 .. In the **Max length** field, enter the maximum number of characters (that is, `255`).
 .. Click **Submit**.

> **Note**
>
> To mark the custom fields as Coveo-specific fields, you can add `Coveo` to the **Column label** entry (that is,
> `Query - Coveo`), or you can [modify the form design](https://www.servicenow.com/docs/bundle/zurich-platform-administration/page/administer/form-administration/concept/c_FormDesign.html) for the **User Criteria** system table so that the custom table fields appear in a separate "`Coveo`" section.
> 
> ![Custom table fields with query and field options | Coveo](:https://docs.coveo.com/en/assets/images/coveo-for-servicenow/custom-table-fields-form.png)

## Populate table field data in a user criteria record

Once you've [added custom table fields](https://docs.coveo.com/en/l2be0198#add-coveo-specific-table-fields-to-user-criteria-records), populate the field data for the user criteria records for which you want the ServiceNow security provider to index user permissions.

> **Note**
>
> The **Match All** option in the user criteria record must be disabled to use custom table fields to index security permissions for Coveo for ServiceNow.

. Access the Now Platform UI of your ServiceNow instance.
. Navigate to **Service Catalog** > **User Criteria**.
. Find and open the user criteria record with scripted permissions for which you want the ServiceNow security provider to retrieve user permissions.
. In the **Table** field, enter the system table that's referenced in the advanced permission script.
. (optional) In the **Query** field, enter the condition or filter to apply when querying the table.
. In the **Fields** field, enter the fields from which to retrieve user emails in the system table.
If the system table contains a reference to another table, you can also retrieve user email data from the referenced table by using dot-walking syntax.
Dot-walking references a field by building a chain of field names separated by dots (that is, `manager.email`).
Separate multiple entries in this field with a comma (`,`).

**Examples**

For the scripted permission in the image below, the system table is `customer_contact`, and the field in the table that contains the user emails is `email`.
Since a filter or condition for the query isn't required, you leave the `Query` field blank.

![Custom table field example showing customer_contact table and email field in ServiceNow | Coveo](https://docs.coveo.com/en/assets/images/coveo-for-servicenow/custom-table-field-example-simple.png)

For the scripted permission in the image below, the system table is `sys_user`, the condition to apply when querying the table is `+location=e458f8a56f9a1100f5db57ee2c3ee406^u_personstatus=A+`, and the field in the system table that contains the user emails is `email`.
Since the system table contains a reference to another table from which you want to also retrieve the manager's email, you enter `manager.email` using dot-walking syntax.

![A complex custom table field example with script and query in ServiceNow | Coveo](https://docs.coveo.com/en/assets/images/coveo-for-servicenow/custom-table-field-example-complex.png)

## Use existing table fields

If you choose to use existing fields in user criteria records instead of Coveo-specific fields, you can use at most three separate fields and the [field data](https://docs.coveo.com/en/l2be0198#populate-table-field-data-in-a-user-criteria-record) for each must be consistent with the data that's expected when using the Coveo-specific table fields.
Since the ServiceNow security provider can only check for one set of three custom fields, you must either use Coveo-specific table fields or your existing table fields.

To use your existing table fields, you must modify the ServiceNow security provider JSON configuration to check for the presence of the existing table fields instead of the Coveo-specific table fields.

. On the [**Security Identities**](https://platform.cloud.coveo.com/admin/#/orgid/content/permissions/providers/) ([platform-ca](https://platform-ca.cloud.coveo.com/admin/#/orgid/content/permissions/providers/) | [platform-eu](https://platform-eu.cloud.coveo.com/admin/#/orgid/content/permissions/providers/) | [platform-au](https://platform-au.cloud.coveo.com/admin/#/orgid/content/permissions/providers/)) page, click the ServiceNow security provider that's associated to your ServiceNow source, and then click **More** > **Edit configuration with JSON** in the Action bar.
. In the JSON configuration text field, add the following JSON in the `parameters` section, where:
 ** `CustomCriteriaTableField` is the parameter for the table field that specifies the system table to query.
 ** `CustomCriteriaQueryField` is the parameter for the table field that specifies the filter or condition to apply to the query in the system table.
 ** `CustomCriteriaOutputField` is the parameter for the table field that specifies the fields from which to retrieve user emails in the system table.
 ** `column_name` is the name of the corresponding table field.


```json
 "CustomCriteriaTableField": {
 "value": "column_name"
 },
 "CustomCriteriaQueryField": {
   "value": "column_name"
 },
 "CustomCriteriaOutputField": {
   "value": "column_name"
 },
```
. Click **Save**.

**Example**

If the column names for your table fields are `u_table`, `u_condition`, and `u_retrieve`, the JSON should be as follows:

![An example JSON configuration for custom table fields in ServiceNow using existing fields | Coveo](https://docs.coveo.com/en/assets/images/coveo-for-servicenow/custom-table-fields-json-example.png)