Importing with 2 different user accounts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-30-2024 07:31 AM
I am thinking of splitting the import process between two users: one can write to an import table and another does a transfrom. The aim is to improve security. Through the REST interface only the staging table can be written to. In case of malicious use of the REST user, the damage will be less compared to the case where Users or Companies tables can be written. Is this supported by Servicenow OOTB? Do you think this is a good idea?
BR,
Vladimir
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎08-30-2024 10:50 AM
Do you want to automate the import with system integration?
If you're importing manually, I think the best practice is to create a service catalog and go through an approval process.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
‎09-03-2024 08:10 AM
I mean automated imports and/or record creation, such as users. The process can be initiated by the REST PUT call to the Import table. After the record is created in the Import table, the Transform map does the user record creation. The REST call and the record creation are done with one user privilege. I would like to split the process so that the REST user could create a record in an Import table, but the record creation in the sys_user table would happen with a different user. So we do not need to give the system table rights to the user account controlled by someone outside our team.
