Restrict access to integration user on specific tables
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi Everyone,
I am trying to configure an integration between ServiceNow and ADO pipelines, for this I have created a user and granted ITIL role and using the table API he can read and update the data on the RITM. Due to security reason I wanted to create a custom role and wanted to restrict the user to specific records like he should only read or update the records assigned to some X group. Tried created an ACL but it is not working
How can we achieve this ? user with only custom should access specific records.
Which is the best way to restrict a Table API user to access records on specific table based on filter conditions? apart from scripted Rest API
Thank you!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @V V Satyanaray1 ,
Create integration role and user, remove the existing assigned role as you assigned ITIL, for new role create read/write ACL appropriately with giving access to only records to assigned to "abc" group by applying filtering condition in ACL.
Preferably build deny unless type of rule. If you want to allow only specific fields to be updated create rule like that.
Ensure that no other ACL's are giving the access to table. Remove the ITIL role and keep only newly created role.
Thanks,
Bhimashankar H
-------------------------------------------------------------------------------------------------
If my response points you in the right directions, please consider marking it as 'Helpful' & 'Correct'. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
3 weeks ago
Hi @V V Satyanaray1 ,
ITIL role has wide access along with RITM table. Create a new role and create new ACL and give the access to read/write to fields to newly created role, this way integration will have access to specifics fields or set of record with predefined conditions.
In ACL you can have the condition to which new role will have access to those only records.
Thanks,
Bhimashankar H
-------------------------------------------------------------------------------------------------
If my response points you in the right directions, please consider marking it as 'Helpful' & 'Correct'. Thanks!
