2631744 - Non-permissioned application fields appearing in candidate's view from Job Applied section when requisition is closed - RCM

Customer defined several company-sensitive custom fields in their job application template and configured read/write permissions for operators (recruiters, hiring managers, etc.) only. Candidates do not have permission to read/write on the configured custom fields. However, when the job requisition is closed, candidates are able to read the data for these company-sensitive fields.

Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely coincidental.

SAP SuccessFactors Recruiting Management

The cause of the issue in the job application template was a configuration issue. Field overrides were set up to allow certain fields to be viewed publicly by candidates. However, this field override bypassed the field permissions for candidates. As a result, candidates were able to view the fields even after the requisition was closed, despite the fact that read/write permissions had not been defined. This oversight led to the unintended access of certain fields by candidates, highlighting the importance of carefully considering and testing all configuration changes to ensure they align with the intended permissions and access levels for users.

Review the Job Application template and correct the field override.

Field, Permission, Attribute, Override, Application, Override, rcm, recruiting, template, candidate, requisition , KBA , LOD-SF-RCM-APP , Applicants and Job Applications , Problem