Things required to access a script include in one scoped app from another scoped app?

Kiran52 · ‎10-11-2022

I'm trying to access a private script include in one store app from another store app.

Is setting the script include "Accessible from" field to "All application scopes" is enough? Do i need also create a cross-scope access record. Are both needed or either one of them is enough?

Sai Kumar B · ‎10-11-2022

@Kiran52

It depends on the option you set in the "caller access" field in the Script Include record.

Select the appropriate access level in the Caller Access field. Option Description

None	Cross-scope calls to the resource are approved or denied based on the value of the Accessible from field.
Caller Restriction	Calls to the resource must be manually approved. Access requests are tracked in the Restricted Caller Access table with a status of Requested.
Caller Tracking	Calls to the resource are automatically approved. Calls are tracked in the Restricted Caller Access table with a status of Allowed.

Allow or deny an access request from a calling application.
When a cross-scope application attempts to access a resource set to Caller Restriction, the system denies access to the resource and creates a record in the Restricted Caller Access table with a status of Requested. An admin user or application administrator must allow or deny the request. When access is allowed, all future access attempts gain access to the restricted resource.
If a calling resource changes (such as when a business rule’s script changes), the restricted caller access record status changes to Invalidated. An admin user or application administrator must update the status to Allowed or Denied.

For more information on cross-scope, refer to the following SN doc
Define cross-scope access to an application resource

View solution in original post

Sai Kumar B · ‎10-11-2022

@Kiran52

"Accessible from" field to "All application scopes" is enough and also call the script include with the API name - (The internal name of the Script Include. Used to call the Script Include from out-of-scope applications.)

Kiran52 · ‎10-11-2022

@Sai Kumar B When is the cross-scope access record required?

Sai Kumar B · ‎10-11-2022

@Kiran52

It depends on the option you set in the "caller access" field in the Script Include record.

Select the appropriate access level in the Caller Access field. Option Description

None	Cross-scope calls to the resource are approved or denied based on the value of the Accessible from field.
Caller Restriction	Calls to the resource must be manually approved. Access requests are tracked in the Restricted Caller Access table with a status of Requested.
Caller Tracking	Calls to the resource are automatically approved. Calls are tracked in the Restricted Caller Access table with a status of Allowed.

Allow or deny an access request from a calling application.
When a cross-scope application attempts to access a resource set to Caller Restriction, the system denies access to the resource and creates a record in the Restricted Caller Access table with a status of Requested. An admin user or application administrator must allow or deny the request. When access is allowed, all future access attempts gain access to the restricted resource.
If a calling resource changes (such as when a business rule’s script changes), the restricted caller access record status changes to Invalidated. An admin user or application administrator must update the status to Allowed or Denied.

For more information on cross-scope, refer to the following SN doc
Define cross-scope access to an application resource

Kiran52 · ‎10-11-2022

This clears it up. Thank you.