API to Data

StefanSrba · ‎07-23-2025

Hey all!

My team got a request to give API access to our reporting team.

We would need to use user_admin and itil licenses to give access to the sys_user and sc_task tables.

Can we create for them a Report_API user, that would be Web service access only and Locked out and not to be counted towards the used licenses?

Or should this be done somehow differently? With additional roles/ACLs on those two tables?

Thanks!

JenniferRah · ‎07-24-2025

If they are just reading from the sys_user table, they don't need user_admin. The itil license would be sufficient for that (unless they need to see inactive users?).

Additionally, if they just need read access, you can give them the sn_read_only role and it will limit their ability to just read the information (See https://www.servicenow.com/docs/bundle/xanadu-platform-administration/page/administer/user-administr....

If you lock out the account, they won't be able to use it. As long as the user is set as Web service access only, it shouldn't count toward your licenses.