I would like to lock down the web service account used to interact with REST APIs

Ray Mason
Tera Contributor

‎04-30-2025 08:42 AM

Hello,

 

I am working with some developers that would like to access ITSM tables via REST APIs.  I would like to create a web service account and apply the correct roles that provides that would adhere to the least privilege security model.  Can someone provide any guidance on best practices?

 

Thanks,

 

Ray 

0 Helpfuls
  • 237 Views
2 REPLIES 2

Chaitanya ILCR
Kilo Patron

‎04-30-2025 08:51 AM - edited ‎04-30-2025 08:51 AM

Hi @Ray Mason ,

Create the service account and mark web service access only =true

and give roles itil,rest_service

 

itil roles covers the itsm tables

and rest_service for rest api access

ChaitanyaILCR_0-1746028176593.png

ChaitanyaILCR_1-1746028258207.png

 

Please mark my answer as helpful/correct if it resolves your query.

Regards,
Chaitanya

 

0 Helpfuls

Dr Atul G- LNG
Tera Patron
Tera Patron

‎04-30-2025 08:52 AM

Hi @Ray Mason 

https://www.servicenow.com/community/in-other-news/user-account-or-service-account-what-to-use-for-w...

 

 

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************
0 Helpfuls