ACL Exception Delete Failed due to security constraints (sys_user_grmember, sys_user_has_role)

Vinicius5
Tera Contributor

Hey guys!

I would like to ask you a question. I have a user who has the roles "user_admin" and "sn_si.manager", which are the ACL roles that allow a user to perform a DELETE on sys_user_grmember and sys_user_has_role (my understanding). However, when I try to make a DELETE request through the Table API, I receive the following response when the sys_id sent in the request is from a group or user that contains the role "itil". Here's the response:

HTTP StatusCode: 403

{
  "error": {
    "message": "Operation Failed",
    "detail": "ACL Exception Delete Failed due to security constraints"
  },
  "status": "failure"
}

Do you know what it could be? Even if I add the role "itil" and "itil_admin" to the request user, the error continues to occur.

 

Note: There are no other DELETE ACLs for these tables that are active.

 

Edit: 

I just understood that the user I'm getting the error under is the SailPoint Connector service account (https://documentation.sailpoint.com/connectors/identityiq/servicenow/igc/help/integrating_snow_ident...). It originally contained just the roles created for the ACLs that were created to satisfy this user in the sys_user_grmember and sys_user_has_role tables. It was working correctly a few weeks ago, and nothing was changed in the user, in their roles or in the ACLs of these tables. No new ACLs were created.

I even looked at the troubleshooting available in the connector documentation and the configuration was already correct: https://documentation.sailpoint.com/connectors/identityiq/servicenow/igc/help/integrating_snow_ident...

I think I'm seeing the same error described in this other post: https://www.servicenow.com/community/developer-forum/sailpoint-identity-governance-getting-403-respo...


@Vinicius5 

It's something related to role access only.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader

Marcela Leandro
Tera Contributor

Hi there,
I'm experiencing the same issue when trying to delete a record from the sys_user_has_role table using the DELETE API. I get the following error: ACL Exception Delete Failed due to security constraints

 

Did you manage to find a solution to this problem? Any guidance would be greatly appreciated!

Thanks in advance.