Unauthorised ticket closure by End UserIssue End user with no roles closed the RITM from Service Portal where no UI Action was visible. Custom UI Action for closing RITM was visible on platform view with visibility condition as (Active=true).ResolutionSteps taken to fix this issue- 1. We fetched this URL from the transaction log activity. 2. Copied the URL from that transaction logs and replaced the sys_id of the affected RITM with a new in progress RITM sys_id. /nav_to.do?uri=sc_req_item.do?sys_id=<<sys_id>>8&sysparm_stack=sc_req_item_list.do?sysparm_query=active=true 3. Then Impersonated another end user who was requester.4. We were redirected to SP page where the UI action was visible. 5. This link was hardcoded in the email notification from where end user accessed it and closed the RITM himself. Custom UI action with no role based restrictions exposed this UI action to end user- To avoid UI action visibility conditions should contain restrictions based on rolesCombine conditions and roles to limit access to UI actions by user role. The syntax is: gs.hasRole('role_name') A community article will help in applying restrictions on UI action visibility.