Knowledge Base article data model causing inconsistent access for internal vs external users

ashley_tech · December 8, 2024, 10:45am

We’re having inconsistent access issues with our Knowledge Base articles in our customer portal. Some portal users can see certain articles while others can’t, even though they should all have the same access level. We have three data categories (Product_Info, Troubleshooting, Account_Management) and two record types (Internal_KB and Customer_Facing_KB).

The setup: Articles are assigned to data categories and record types, with field-level security configured on custom fields like Solution_Steps__c and Internal_Notes__c. Portal users should see all Customer_Facing_KB articles in the Product_Info and Troubleshooting categories, but not Internal_Notes__c field.

When I query articles as a portal user:


SELECT Title, Summary, Solution_Steps__c
FROM Knowledge__kav
WHERE PublishStatus='Online'

Some articles return empty results even though they’re published and assigned to the correct categories. Internal users see everything fine. I suspect it’s related to how record types, data categories, and field-level security interact, but I can’t pinpoint the exact issue. Has anyone dealt with Knowledge article visibility problems for portal users?

thomas_sql · December 10, 2024, 11:30am

Don’t forget about sharing rules! Knowledge articles use a special sharing model. You need to create sharing rules specifically for portal users - go to Setup → Sharing Settings → Knowledge Article Sharing Rules. Create a rule that shares Customer_Facing_KB articles with your portal user role. The rule should be based on record type criteria (RecordType = ‘Customer_Facing_KB’) and share with ‘Portal Roles and Subordinates’. Without explicit sharing rules, portal users only see articles they own, which is probably why access is inconsistent.

andrewcloud · December 9, 2024, 4:44pm

Field-level security on custom fields can block entire article visibility in some cases, not just hide the field. If Solution_Steps__c is set to hidden for portal users but the article’s page layout requires it, the article might be filtered from query results. Check Setup → Object Manager → Knowledge → Fields → Solution_Steps__c and ensure portal profiles have at least ‘Read’ access. Also review the page layout assigned to Customer_Facing_KB record type - remove required fields that portal users can’t access.

kevinpro · December 9, 2024, 9:17am

Your SOQL query looks fine, but portal users need specific permissions beyond just data category access. Check if the portal user profile has ‘Read’ permission on the Knowledge__kav object itself. Also verify the Customer_Facing_KB record type is assigned to the portal profile. Even if articles have the correct record type, users can’t see them if that record type isn’t in their profile’s available list. Go to Profile → Object Settings → Knowledge to verify both object permissions and record type assignments.

donnapro · December 8, 2024, 1:22pm

Knowledge article visibility for portal users is controlled by multiple layers. First check your data category group visibility settings - go to Setup → Data Category Groups and verify portal user profiles have ‘Visible’ access to Product_Info and Troubleshooting categories. Just having the record type assigned isn’t enough; data category visibility is separate and often the culprit for inconsistent access.

michellecloud · December 10, 2024, 6:05pm

I’ve seen this exact issue before. The problem is often a combination of data category visibility and article version status. Knowledge articles have multiple versions (draft, published, archived), and portal users can only query the ‘Online’ version. But if an article was published, then a new draft was created, the data category assignments on the draft might differ from the published version. Run this query as an admin to check for mismatches between draft and published versions’ data category assignments.

richard_sql · December 11, 2024, 2:20pm

After systematically checking all the suggestions, I found the root cause was a combination of three configuration gaps:

Issue 1: Record Type and Data Category Setup The Customer_Facing_KB record type was correctly assigned to portal user profiles, but the data category group visibility was misconfigured. I went to Setup → Data Category Groups → Support_Categories and found that portal profiles only had visibility to the ‘All’ category, not the specific child categories (Product_Info, Troubleshooting).

Fixed by: Editing the category group visibility settings to explicitly grant portal profiles access to Product_Info and Troubleshooting categories with ‘Visible’ access level. The ‘All’ category alone doesn’t cascade visibility to children in Knowledge article context.

Issue 2: Field-Level Security for Custom Fields The Solution_Steps__c field had ‘Hidden’ access for portal profiles, which was correct since we want portal users to see it. However, Internal_Notes__c field was also hidden but was marked as ‘Required’ on the Customer_Facing_KB page layout. This caused articles with empty Internal_Notes__c to fail validation when portal users queried them, resulting in those articles being excluded from results.

Fixed by: Changed Internal_Notes__c to optional on the Customer_Facing_KB layout and created a validation rule that only enforces it for Internal_KB record type:


AND(
  RecordType.Name = 'Internal_KB',
  ISBLANK(Internal_Notes__c)
)

This allows Customer_Facing_KB articles to have empty Internal_Notes__c without breaking portal queries.

Issue 3: Sharing Rules for Portal Users Knowledge articles weren’t being shared with portal users through explicit sharing rules. The default sharing model for Knowledge is ‘Private’ which means only article owners and users with ‘Manage Articles’ permission can see them.

Fixed by: Created a Knowledge Article Sharing Rule (Setup → Sharing Settings → Knowledge Article Sharing Rules) with these criteria:

Share records meeting criteria: RecordType = ‘Customer_Facing_KB’ AND PublishStatus = ‘Online’
Share with: Portal Roles and Subordinates (Customer Community Users)
Access Level: Read Only

This ensures all published Customer_Facing_KB articles are automatically visible to portal users regardless of ownership.

Additional Configuration:

Verified portal profile has ‘Read’ permission on Knowledge__kav object
Confirmed data category assignments are consistent between draft and published versions
Updated portal user profile to include ‘View Published Articles’ permission under Knowledge User settings

After implementing all three fixes, portal users now have consistent access to the correct Knowledge articles. The key learning: Knowledge article visibility requires alignment across four layers (record type access, data category visibility, field-level security, and sharing rules) - a misconfiguration in any layer breaks the entire access chain for portal users.

Topic		Replies	Views
Knowledge API article publish fails with validation error on custom field Salesforce question , api-development , rest-api , knowledge-base , sf-summer-24 , workflow-disruption , custom-fields , validation-error , knowledge-api	6	0	May 22, 2025
Knowledge base API customization triggers CORS error when accessed from external portal SAP Customer Experience (SAP CX) question , security , rest-api , knowledge-base , scx-2205 , external-integration , cors , server-side-cus , api-extension	5	0	February 6, 2025
Knowledge base article permissions not inheriting from parent category after restructure SAP Customer Experience (SAP CX) question , workflow , permissions , knowledge-base , scx-2205 , content-management , security-access , publishing , category-hierarchy	5	0	February 6, 2025
Knowledge article publishing fails with data category mismatch error after category group changes Salesforce question , configuration , knowledge-base , knowledge-mgmt , sf-summer-24 , validation-error , data-category-mismatch , article-publishing , category-assignment	4	0	March 23, 2025
Knowledge Base API returns HTML content with broken formatting and missing images Zoho CRM question , api-development , rest-api , knowledge-base , zoho-2022 , html-parsing , cors , content-rendering , image-urls	6	0	April 22, 2025
Knowledge article deployment fails with 'Missing Data Category' error Salesforce question , xml , knowledge-base , sf-summer-25 , metadata-api , deployment-failure , deployment-release-mgt , data-category , sandbox-to-production	5	1	June 17, 2025
Knowledge article versioning versus publishing controls: balancing compliance with content agility Salesforce discussion , data-governance , workflow , compliance , knowledge-base , sf-summer-25 , knowledge-management , versioning-vs-publishing , content-control	3	0	September 16, 2025
Partner user cannot access shared dashboard in Partner Portal after permission set changes Salesforce question , configuration , analytics-reporting , partner-portal , sf-summer-24 , user-access , dashboard-permissions , partner-reporting	5	2	April 24, 2025
Partner portal data access restricted after recent role-based permission update Zendesk Sell question , data-governance , access-control , user-management , partner-portal , zs-2021 , role-permissions , data-sharing	3	0	February 19, 2025

Knowledge Base article data model causing inconsistent access for internal vs external users

Related topics