How to deny all external REST API calls?

romanm5
Tera Contributor

‎11-03-2022 12:01 PM - edited ‎11-03-2022 12:02 PM

I have a requirements to allow interactive user logon to ServiceNow from external network but need to deny all REST API calls.  

"REST API Access Policy plugin" is not very well documented. The solution with adding filters doesn't work.

Can you help?

0 Helpfuls
  • 1,484 Views
6 REPLIES 6

Harish V
Giga Guru
In response to Randheer Singh

‎11-15-2023 09:32 AM

@Randheer Singh ,

 

How to you create policies for APIs that does not require authentication? I am unable to find a way to restrict scripted REST APIs that with "requires authentication=false"

0 Helpfuls

Randheer Singh
ServiceNow Employee
ServiceNow Employee
In response to Harish V

‎11-20-2023 06:08 AM

API access policies can not be applied to public APIs. You may want to check if you can add IP restrictions through the ACL (With the Script) associated with the scripted REST API.

0 Helpfuls