Join the #BuildWithBuildAgent Challenge! Get recognized, earn exclusive swag, and inspire the ServiceNow Community with what you can build using Build Agent.  Join the Challenge.

Lookup action on flow designer but get error, scope does not have read access to table sys_db_object

Narkkya Arulsel
Tera Contributor

3 weeks ago

Hi All,

 

I keep getting error on my subflow that uses look up action to look up on the sys_db_object table. 

 

Depending on the choice selected by user, form will show choice list from sys_user or sys_user_group. These selected list values should be displayed in description field.

When I try to display list choices on description field, it comes back empty.

Therefore I created a subflow that will convert list to array and do For loop to produce all the values as one string variable. The error occurs when looking up for sys_user or sys_user_group (depending on user selection) on sys_db_object. Also the table is needed in subflow so it can get display value of the users/groups.

 

Subflow is below.:

Screenshot 2025-11-05 at 19.14.18.png

 

Steps taken:

I've made sure flow is set to run as system user and checked read acl for sys_db_object.

Also made sure all this in global scope.

 

Thanks,

Narkkya

0 Helpfuls
  • 365 Views
4 REPLIES 4

Ricardo26
Tera Guru

3 weeks ago

Hi,

I think the best solution is just use a business rules or an action script to get the display value of the list. E.g

current.description = current.your_list.getDisplayValue();

 

If that is not an option, try to change the "allow configuration" from the sys_user and sys_user_group tables.

 

If my answer is useful, please mark as correct.

0 Helpfuls

Ankur Bawiskar
Tera Patron
Tera Patron

3 weeks ago - last edited 3 weeks ago

@Narkkya Arulsel 

not a good practice to do Lookup on sys_db_object

Did you try to use custom flow action and use Script Step and do the same via scripting?

what's the error? share screenshots.

💡 If my response helped, please mark it as correct and close the thread 🔒— this helps future readers find the solution faster! 🙏

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader
0 Helpfuls

kaushal_snow
Giga Sage

3 weeks ago

@Narkkya Arulsel ,

 

It's happening because even though you’ve set the flow to run as the System user and there is a read ACL on sys_db_object, the action is still blocked by cross scope or table level restrictions for that table (Such lookup operations against sys_db_object can be prohibited by security rules).......so you’ll want to either move the lookup logic into a scoped script or business rule that has appropriate elevated access, or create a cross scope privilege (sys_scope_privilege) allowing your application scope to read that table (since it’s a system table not normally exposed for Flow Designer use).........

 

If you found my response helpful, please mark it as ‘Accept as Solution’ and ‘Helpful’. This helps other community members find the right answer more easily and supports the community.

 

Thanks and Regards,
Kaushal Kumar Jha - ServiceNow Consultant - Lets connect on Linkedin: https://www.linkedin.com/in/kaushalkrjha/
0 Helpfuls

jcmings
Mega Sage

3 weeks ago

Why are you displaying the values in a description field? If this is a selection, wouldn't you want a choice/list collector?

0 Helpfuls