Hi Everyone,
We are currently in the process of developing a scoped application intended for publication on the ServiceNow Store. In our efforts to ensure compliance with Application Access Settings and achieve certification.
Currently, we're encountering an issue related to Application Access. The error is: "Security restricted: Access to api 'put(sys_user_group.name)' from scope 'xxx' has been refused due to the api's cross-scope access policy" or "Scope does not have write access to table sys_user_group".
So basically, our scope applications require access to OOTB tables, specifically:
- Group: Can Create, Can Update
- Group Members: Can Delete
While these permissions can be enabled by activating the corresponding checkboxes in the table configuration, it seems that this approach is not compliant with certification requirements.
We are reaching out to the NOW Community for insights and recommendations on effectively interacting with OOTB tables from a scoped application within the context of Store Application certification.
If anyone has successfully obtained certification with similar circumstances, we would greatly appreciate hearing about your experiences and any solutions you implemented to address this issue.
Thank you,
Tai Vu
