LDAP configuration Access to API error

imran rasheed
Tera Contributor

‎02-26-2025 01:15 AM

We have our LDAP server configuration in our instance which works fine and we are trying to add one more LDAP server, which has same server URL but different search directory path. Connection seems to be successful.

When we try to create a data source and add same import set table which we used for other ldap server, we get the error 'Access to api 'setValue(sys_data_source.data_loader)' from scope 'sn_gcp_integ' has been refused due to the api's cross-scope access policy'. And the test load returns with error.

imranrasheed_0-1740561250586.png

 

 

0 Helpfuls
  • 392 Views
3 REPLIES 3

Dr Atul G- LNG
Tera Patron
Tera Patron

‎02-26-2025 01:41 AM

Hi @imran rasheed 

 

You need to create a cross-scope privilege record for this.

By default, the sys_transform_entry table has the Can create checkbox unchecked, meaning scripts from other scopes cannot insert records into this table. To resolve this, check the Can create checkbox and then run your script again.

This will allow inserts from other scopes.

If you also want to allow updates, make sure to check the Can update checkbox as well.

 

https://www.servicenow.com/community/developer-forum/errors-due-to-the-api-s-cross-scope-access-poli...

 

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************
0 Helpfuls

imran rasheed
Tera Contributor
In response to Dr Atul G- LNG

‎02-26-2025 02:11 AM

Hello Atul,

thanks for your response. I tried updating the transform entry application access with can create for all application scopes. But still the same error.

LDAP server, OU Definitions, Data source, transform map all are in global scope. I don't understand why do we need all the scopes to be accessible.

0 Helpfuls

Dr Atul G- LNG
Tera Patron
Tera Patron
In response to imran rasheed

‎02-26-2025 02:48 AM

Hi @imran rasheed 

 

Might be a helpful read

 

https://www.servicenow.com/community/developer-articles/understanding-application-scope-on-the-now-p...

*************************************************************************************************************
If my response proves useful, please indicate its helpfulness by selecting " Accept as Solution" and " Helpful." This action benefits both the community and me.

Regards
Dr. Atul G. - Learn N Grow Together
ServiceNow Techno - Functional Trainer
LinkedIn: https://www.linkedin.com/in/dratulgrover
YouTube: https://www.youtube.com/@LearnNGrowTogetherwithAtulG
Topmate: https://topmate.io/atul_grover_lng [ Connect for 1-1 Session]

****************************************************************************************************************
0 Helpfuls