How to restrict /api/now/sp/search to authenticated users only?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-16-2022 11:51 AM
Hi,
I have been asked to fulfill the following requirement:
Limit /api/now/sp/search to authenticated users only. Right now when you send a POST query, it comes back with Status: 201 Created and null results. The desired result is Status: 401.
Is this possible? If yes, how do I accomplish this task? Ideally, we would like unauthenticated users to get one of the following error messages (listed in the preferred order:)
DESIRED the most >> 401 - indicates that the request has not been applied because it lacks valid authentication credentials for the target resource. The user is not authenticated.
403 - indicates that the server understood the request but refuses to allow it. The action the user wants to take is forbidden.
404 - indicates that the server can’t find the requested resource.
If it isn't already obvious, service portal development is not my area of expertise so kindly keep that in mind when responding.
Thanks in advance!
- Labels:
-
Service Portal Development
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-16-2022 11:57 AM
Hello,
Out of box the Service Portal is only for internal users.
If an unauthenticated user tried to go to your URL /sp, etc. they would only see a login screen and not your actual index page/main sp page.
If this is not the behavior today, then you all have customized things to actually differ from "traditional".
Please mark reply as Helpful/Correct, if applicable. Thanks!
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-16-2022 12:06 PM
Yikes, I am confused. I will edit my question...the requirement is to limit the /api/now/sp/search to authenticated users only. Right now when you send a POST query, it comes back with Status: 201 Created and null results. The desired result is Status: 401.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-16-2022 11:58 AM
Hi cynlink1
Are you sure? internal users only is absolutely the traditional.
Generally speaking portals are not available to externals.
if you want to exclude
go to index page of portal.
This page has related list for user criteria
set user criteria
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-16-2022 12:06 PM
Yikes, I am confused. I will edit my question...the requirement is to limit the /api/now/sp/search to authenticated users only. Right now when you send a POST query, it comes back with Status: 201 Created and null results. The desired result is Status: 401.
