Cross-scope- access error om Engagement memo(sn_audit_advanced_engagement_mem)when saving the record
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 hours ago
Team,
I am encountering cross-scope access errors when opening Engagement Memo records in Advanced Audit.
Error messages:
Access to api '(sn_audit_advanced_engagement_memo.sn_audit_engagement)' from scope 'sn_audit' has been refused due to the API's cross-scope access policy.
Access to api '(sn_audit_advanced_engagement_memo.end_date)' from scope 'sn_audit' has been refused due to the API's cross-scope access policy.
Environment:
ServiceNow GRC / Advanced Audit
Table: sn_audit_advanced_engagement_memo
The Engagement Memo table extends sn_audit_task (Audit Task)
What I observed:
Creating an Engagement Memo generates a TASK record and it appears in the Audit Task list.
The record opens successfully but the cross-scope errors are displayed at the top of the form.
XML of the record shows:
sys_class_name = sn_audit_advanced_engagement_memo
top_task populated
sn_audit_engagement is empty
Investigation performed:
Reviewed Business Rules on sn_audit_task.
Checked Business Rules such as:
Update engagement when top task changes
Validate task date with parent date
Validate start and end dates
Update parent task percent complete
Update planned end date
Reviewed table hierarchy and confirmed:
sn_audit_advanced_engagement_memo extends sn_audit_task
Checked Application Cross-Scope Access records but did not find any obvious denied access entries related to this issue.
Question: Has anyone seen cross-scope access errors on Engagement Memo fields (sn_audit_engagement and end_date) in Advanced Audit? Are there any known OOTB scripts, client scripts, UI policies, script includes, or application access settings that can cause this behavior?
Any guidance on where else to investigate would be appreciated.
I am encountering cross-scope access errors when opening Engagement Memo records in Advanced Audit.
Error messages:
Access to api '(sn_audit_advanced_engagement_memo.sn_audit_engagement)' from scope 'sn_audit' has been refused due to the API's cross-scope access policy.
Access to api '(sn_audit_advanced_engagement_memo.end_date)' from scope 'sn_audit' has been refused due to the API's cross-scope access policy.
Environment:
ServiceNow GRC / Advanced Audit
Table: sn_audit_advanced_engagement_memo
The Engagement Memo table extends sn_audit_task (Audit Task)
What I observed:
Creating an Engagement Memo generates a TASK record and it appears in the Audit Task list.
The record opens successfully but the cross-scope errors are displayed at the top of the form.
XML of the record shows:
sys_class_name = sn_audit_advanced_engagement_memo
top_task populated
sn_audit_engagement is empty
Investigation performed:
Reviewed Business Rules on sn_audit_task.
Checked Business Rules such as:
Update engagement when top task changes
Validate task date with parent date
Validate start and end dates
Update parent task percent complete
Update planned end date
Reviewed table hierarchy and confirmed:
sn_audit_advanced_engagement_memo extends sn_audit_task
Checked Application Cross-Scope Access records but did not find any obvious denied access entries related to this issue.
Question: Has anyone seen cross-scope access errors on Engagement Memo fields (sn_audit_engagement and end_date) in Advanced Audit? Are there any known OOTB scripts, client scripts, UI policies, script includes, or application access settings that can cause this behavior?
Any guidance on where else to investigate would be appreciated.
1 REPLY 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
45m ago
Navigate to RCA Table: In the application navigator, go to Restricted Caller Access Privileges (Or in Nagigator type sys_restricted_caller_access.list).
Locate Pending Requests: Filter the list where Status is Requested or Invalidated. Look for records where:
- Source Scope: sn_audit
- Target Scope: sn_audit_advanced_engagement_memo
- Target Name: sn_audit_engagement (or select your target table)
Update Status: Open each relevant record and change the Status field to Allowed
Verify Table Settings: Ensure the target table allows cross-scope operations:
- Go to System Definition > Tables and open the sn_audit_advanced_engagement_memo record.
- Under the Application Access tab, verify that Accessible from is set to All application scopes and that Can read (and Can update if necessary) is checked.
Please Accept the solution if it assisted you with your question & Mark this response as Helpful.
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti
Regards
Tanushree Maiti
ServiceNow Technical Architect
LinkedIn: https://www.linkedin.com/in/tanushreemaiti
