Is that possible to use SNow Rest API with out having Web_service_admin role/access?

Balakrishnan N
Kilo Contributor

‎06-09-2020 05:04 AM

Hi Team,

Does SNow will allow to get the ticket details using Rest API without having the Web_service_admin role.

My customer didn't give us the Web_Service_admin access/role whereas they wants to use Orchestration to get the ticket details.  Can any one help how to achieve this?

 

Regards,

Bala N

0 Helpfuls
  • 1,885 Views
8 REPLIES 8

Ct111
Giga Sage

‎06-09-2020 05:10 AM

Nope ,

it is the role which gives you access to query , update , delete or insert record in table.

Ideally you should have these roles to work on rest api

 

These are the details if you want to show it to your customer for asking for access

https://docs.servicenow.com/bundle/london-application-development/page/integrate/custom-web-services...

 

 

Mark my ANSWER as CORRECT and HELPFUL if it helps

 

 

Anyways you can ask customer if you want to restrict access after work is done then refer the below link , check response of Siva

https://community.servicenow.com/community?id=community_question&sys_id=6ea44859dbb623409a64e15b8a96...

0 Helpfuls

Ashutosh Munot1
Kilo Patron
Kilo Patron

‎06-09-2020 05:16 AM

Hi,

You need access to read the table which your api points to.

If scripted rest api then and if you are using script there doing glideRecordSecure and if you have acls in ACl field then you need to satisfy those.

Thanks,
Ashutosh

0 Helpfuls

Balakrishnan N
Kilo Contributor
In response to Ashutosh Munot1

‎06-12-2020 01:53 AM

Hi,

As per your reply, I came to know if your points satisfies then we no need to have Web_service_admin role to access those tables right?

And can you please help me to understand more on it, actually I'm new to this.  Could you please elaborate more on it to have more idea about it.

 

Which means what is glideRecordSecure and ACL field you're pointing.

Here my requirement is to alter sc_task table which is I need to get Open tickets and do some updates based on ticket information like State, comment and work_notes changes.

Regards,

Bala N

0 Helpfuls

Ashutosh Munot1
Kilo Patron
Kilo Patron
In response to Balakrishnan N

‎06-12-2020 05:10 AM

Hi,

So web_service_admin role has a purpose and that is "Users with this role can read, create, modify, and delete Scripted REST APIs and web service resources.". With this role you can maintain web services in instance.

 

Now lets take an example:

If you want to edit sc_task and read it then you need itil role for the integration user. BEcause this table can be read and update by person with ITIL role.

This also depends on how you integrate this. Using table API or using Scripted Rest API. If you use Scripted REST API then you can force few acls and use GlideRecordSecure as well which will force your code to evaluate all acl on that table in this case sc_Task. 

find_real_file.png

When you use Table API then it only security is credentials and ACL on that table.

So to be secure go for this Scripted Rest API.


Thanks,
Ashutosh

Preview file
47 KB