REST API incident table access - minimum roles required

Go to solution
Panagiotis Kons
Tera Expert

‎02-03-2023 04:07 AM

Hello,

I am trying to access an incident, via the REST table API, in the following URL:

 

https://myinstance.service-now.com/api/now/table/incident/28a1975737be8a00375570f543990444

 

I have created a new user and given the "rest_api_explorer" and "rest_service" roles. However when I try to access the record I get the error

 

"Record doesn't exist or ACL restricts the record retrieval".

 

If I give the user the role "admin" then everything works fine, the record comes up. However I feel like it's too much to give the user the role "admin" just for accessing the incidents table. Does anyone know the minimum role(s) I need to grand to my user in order to be able to access tables in ServiceNow?

 

Thank you

 

 

0 Helpfuls
  • 3,469 Views
1 ACCEPTED SOLUTION

Go to solution
Allen Andreas
Administrator
Administrator

‎02-03-2023 06:20 AM - edited ‎02-03-2023 06:20 AM

Hi,

Per the out of box ACLs, the access is determined by who opened it, is the caller, etc.

In your case, you may also need to give the itil role for the credentials to have appropriate read access to all incidents.

Please mark reply as Helpful/Accepted, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

View solution in original post

4 REPLIES 4

Go to solution
Mark Guldhammer
Giga Guru

‎02-03-2023 04:44 AM

Hi

 

I these situations, I always resort to the Debug Security feature. Then you can se which checks are failing in the bottom of the page, when you impersonate the user.

 

Br. 

Mark

 

0 Helpfuls

Go to solution
Johns Marokky
Tera Guru

‎02-03-2023 04:53 AM

Hi @Panagiotis Kons ,

Please try giving the user 'itil' role and see if its working.

 

Regards,

Johns

0 Helpfuls

Go to solution
Allen Andreas
Administrator
Administrator

‎02-03-2023 06:20 AM - edited ‎02-03-2023 06:20 AM

Hi,

Per the out of box ACLs, the access is determined by who opened it, is the caller, etc.

In your case, you may also need to give the itil role for the credentials to have appropriate read access to all incidents.

Please mark reply as Helpful/Accepted, if applicable. Thanks!


Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!

Go to solution
Panagiotis Kons
Tera Expert
In response to Allen Andreas

‎02-03-2023 06:43 AM

Hello Allen,

 

I have already tried with the itl role, didn't work.

 

Any more suggestions?

 

Thank you

0 Helpfuls