Table API - restrict to Read only

Go to solution
Jordan Alcock
Tera Contributor

‎06-28-2018 06:40 PM

Hi Everyone,

Wondering if anyone has any suggestions on methods to restrict specific methods on specific APIs.  

For example, we would like to provide Read access on all table APIs, but restrict write access to just the import set APIs (and others later perhaps).  I've seen the OOB table API ACLs, but they restrict the ability to execute not specific methods.  

We have thought about building out a role that would be restricted to read but it seems like we would be building a pretty complicated ACL by the time we accounted for everything we wanted access to.  And it doesn't seem very scalable.

If anyone has run into this kind of thing before and has any advice, would be much appreciated!

Labels:
  • 3,038 Views
1 ACCEPTED SOLUTION

Go to solution
Abhinay Erra
Giga Sage
In response to Jordan Alcock

‎07-09-2018 07:42 AM

The only way is using ACLS. Create a write/create ACL and restrict the users from creating/updating records.

View solution in original post

6 REPLIES 6

Go to solution
Madankumar N1
Tera Contributor
In response to Jordan Alcock

‎06-09-2020 05:38 AM

Hi Jordan
Did you got any solution for this issue

0 Helpfuls

Go to solution
Matthew G
ServiceNow Employee
ServiceNow Employee

‎05-04-2023 11:26 AM

I had this question myself, and this turned up on google. So to answer:

 

For a given table, (e.g. `my_table`), which you want to "restrict the table api to read only" yet still have standard acls, update all the Create/Update/Delete ACLs for `my_table` to be advanced with:

var uri = gs.action.getGlideURI().toString()
answer = !uri.startsWith('api/now/table')

Meaning "allow access if the URL isnt via the table api". If you want to keep read, just leave as-is.

0 Helpfuls