The Zurich release has arrived! Interested in new features and functionalities? Click here for more

ServiceAccount access level for calling rest api to create service request.

PB V1_0
Kilo Contributor

‎01-30-2023 04:28 PM

Hello,

 

We are trying to integrate an external system access request with ServiceNow (Tokyo). As part this we want to open sc request in SNOW.

 

For same, can you help us know what should be the specific access which we should give to the service account? 

 

We will be making post calls to "/api/now/table/sc_request " endpoint to create requests in SNOW.

 

We did try with admin role and were able to make the request. However, now the request is to give apt access to account to ensure there is no miss usage of same.

 

Appreciate help on this!

 

Regards!

0 Helpfuls
  • 1,667 Views
3 REPLIES 3

Prince Arora
Tera Sage
Tera Sage

‎01-31-2023 12:22 AM

@PB V1_0 ,

 

When creating a user to assign a REST or SOAP role, keep in mind that the user must also have access to the tables with which you intend to interact. The appropriate role for that tables is necessary. if I am checking for the OOB ACLs of "sc_request" table(Please check ACLs of your instance those might be different).

PRINCE_ARORA_0-1675152497505.png

you can provide "catalog_admin" to the integration user, it will create a new record.

 

2) The second approach is to create a new custom role that is specific to this integration user and add it to the "CREATE" Acl of "sc request," after which you can assign that role to the integration user.

Please mark my answer helpful/accept it, if it works for you

 

 

0 Helpfuls

Abhay Kumar1
Giga Sage

‎01-31-2023 04:00 AM

@PB V1_0 It's not suggestable to use directly main table for API, i will suggest to check 'sys_transform_map' if your instance contains any otherwise create one with transform map.

basic Steps :

1. create a API user with selecting Web Access Service only (this would be shared with external both userId & Password to connect with ServiceNow).

2, optional but suggested to use for oAuth2.0 , create an Application registry  (table : oauth_entity) and user will use this after getting token using step-1 credential ( uri: https://yourinstance/oauth_token.do) , so you have to share client-id and client-secret, which will be used further for post.

Hope this will help you. 

0 Helpfuls

Kirby R
Kilo Sage

‎01-31-2023 04:15 AM

snc_platform_rest_api_access: 

Allows access to Platform Rest APIs
- Table API
- Import Set API
- Aggregate API
- Attachment API

 

itil:

- For ITSM related(sc_request,sc_req_item, incident etc).

0 Helpfuls