To restrict the Service Account to read only the tasks assigned to specific groups

DeepikaRT · ‎08-07-2025

We've created new service account, role and created ACL to grant read-only access to incident/problem/change/Requested item table. Currently, the account can pull all records, but we need to restrict it to only pull tasks assigned to a specific group.

J Siva · ‎08-07-2025

Hi @DeepikaRT
If that service account is being used by a third-party application, then share an API that provides access only to records belonging to a specific group.
In the Table API encoded query, add the filter condition "assignment_group=<sys_id of the group>".

Regards,
Siva

Ankur Bawiskar · ‎08-07-2025

@DeepikaRT

you will have to ask 3rd party team to add encoded query for group.

But what if they don't give encoded query they will see everything.

You can't control this using Table API.

So I recommend using scripted REST API and you can use GlideRecord in that and restrict and give the API response accordingly.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

Ankur Bawiskar · a month ago

@DeepikaRT

Hope you are doing good.

Did my reply answer your question?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader

DeepikaRT · a month ago

Thanks for your input. I tried applying a data condition in the ACL and tested it in Postman, but it's returning empty results.