How to restrict /api/now/sp/search to authenticated users only?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-16-2022 11:51 AM
Hi,
I have been asked to fulfill the following requirement:
Limit /api/now/sp/search to authenticated users only. Right now when you send a POST query, it comes back with Status: 201 Created and null results. The desired result is Status: 401.
Is this possible? If yes, how do I accomplish this task? Ideally, we would like unauthenticated users to get one of the following error messages (listed in the preferred order:)
DESIRED the most >> 401 - indicates that the request has not been applied because it lacks valid authentication credentials for the target resource. The user is not authenticated.
403 - indicates that the server understood the request but refuses to allow it. The action the user wants to take is forbidden.
404 - indicates that the server can’t find the requested resource.
If it isn't already obvious, service portal development is not my area of expertise so kindly keep that in mind when responding.
Thanks in advance!
- Labels:
-
Service Portal Development
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-16-2022 12:16 PM
I suspect securing the /api/now/sp/search is handled differently than /sp in the original version of my question. However, I checked the index page and the public checkbox is unticked.
- Can View has 'Users with 'snc_internal' role' user criteria listed
- Cannot View has 'SNC_External' user criteria listed
