- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-10-2016 07:40 AM
Hi,
For the people who are using Scripted REST API's to post and update data to ServiceNow, how do you handle data validation? Specifically for reference fields? I have found that if you pass in an invalid sys_id, the record is still created with a null value where the sys_id was invalid. This is unexpected behavior, as I would expect an error response of an invalid value.
Am I missing something trivial here or is the developer responsible for handling all data validation?
Thanks!
Solved! Go to Solution.
- Labels:
-
Integrations
-
Scripting and Coding
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-10-2016 07:44 AM
Hi Greg,
For scripted REST API, you are in control. I recommend validating the sys_id before inserting/updating the record.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-10-2016 07:47 AM
I always manually look up the referenced field for example:
Say I'm inserting an incident with a task referenced on it, I will manually check that the task exists before doing the insert. The task sys id is passed in on the request body in the field "task".
// validate the task sys_id
var task = new GlideRecord('task');
// get the task by sys id...if the fetch fails...then we know it doesnt exist...
if (! task.get(body.task)){
// some HTTP code to indicate something is wrong
response.setStatus(400);
}
// build and insert the incident
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-10-2016 07:53 AM
Thanks for the reply Nathan. Good to know. Wanted to be sure that was the only way before going down that path.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-16-2016 08:00 AM
One more quick question. What is the difference between the functionality of a Scripted REST API and a Script type Processor? Both seem to do exactly the same thing from what I have researched.
Is there anything I am missing where one has an advantage of the other?
Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-16-2016 08:20 AM
Scripted REST API should be used over processors. They have the following advantages:
- Better control over the request and response (and parameters)
- Versioning (this is the big one). You can leave your remote clients using v1 while you enhance v2 and have both deployed at the same time!
This should help
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎06-16-2016 08:33 AM
Thank you so much Chuck.
