Symptom
-
Customer defined several company-sensitive custom fields in their job application template and configured read/write permissions for operators (recruiters, hiring managers, etc.) only. Candidates do not have permission to read/write on the configured custom fields. However, when the job requisition is closed, candidates are able to read the data for these company-sensitive fields.
***Screenshot was taken from an SAP demo/test instance. No actual customer data is shown here.***
Environment
-
SuccessFactors Recruiting Management
Cause
- Configuration issue.
-
Field overrides were configured in the job application template to allow the fields to viewed publicly by candidates.
- The field override bypasses the field permissions for candidates. Hence, it allowed candidates to view the fields when the requisition was closed, although read/write permissions were not defined.
Resolution
-
Inform the customer to remove the field overrides configured in their job application template.
Keywords
-
Field Permission
- Field Attribute Override
Product
SAP SuccessFactors Recruiting all versions