Hi everyone,

I’m trying to test the "glide.record.legacy_cross_scope_access_policy_in_script" property in ServiceNow to verify its impact on scoped application access to global scope records (e.g., incident or sys_user). I’ve followed these steps, but I’m running into issues where updates from my scoped app succeed even with the property set to false, likely due to automatic cross-scope privilege creation. Here’s what I’ve tried:

• Created a scoped app (e.g., TestScopeApp) and a script to update a global table.

• Set "glide.record.legacy_cross_scope_access_policy_in_script" to true and confirmed the scoped app could update global records, showing the legacy behavior.

• Changed the property to false, removed cross-scope privileges, and restricted the table’s Application Access to "this application scope only", but updates still succeed.

• Noted that Cross scope privileges are recreated automatically, and explicitly denying them (set it to denied) blocks access, but I need to test the property’s effect specifically.

How can I accurately test this property to ensure scoped apps can’t update global scope records without explicit permissions when set to false? Any advice or similar experiences would be greatly appreciated!

Thanks,

Joseph