Is there a read-only role available for the sys_dictionary table in ServiceNow?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
5 hours ago
I want to use dictionary information (like field definitions) in my scoped application, but I don’t want to grant elevated permissions that allow updates to the dictionary. Is there an out-of-the-box role for read-only access to the sys_dictionary table, or would I need to create a custom role for this purpose?
#scopedApplication #table
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
2 hours ago
Hi @Onlyprashant,
No, there is not a standard, out-of-the-box role designed specifically for read-only access to the sys_dictionary table. Roles that typically have access to the dictionary, such as personalize_dictionary and admin, also include write permissions, which is more than what your scoped application requires.
The best and most secure practice is to create a custom role for your application. You can then create a new read-operation Access Control List (ACL) on the sys_dictionary table and assign your custom role to it. This approach follows the principle of least privilege by granting your application only the precise permissions it needs to function without exposing the system to unnecessary risks
Hope this helps!
Thanks & Regards,
Muhammad Iftikhar
If my response helped, please mark it as the accepted solution and helpful so others can benefit as well.
