To restrict the Service Account to read only the tasks assigned to specific groups

DeepikaRT
Tera Contributor

We've created new service account, role and created ACL to grant read-only access to incident/problem/change/Requested item table.  Currently, the account can pull all records, but we need to restrict it to only pull tasks assigned to a specific group.

5 REPLIES 5

J Siva
Tera Sage

Hi @DeepikaRT 
If that service account is being used by a third-party application, then share an API that provides access only to records belonging to a specific group.
In the Table API encoded query, add the filter condition "assignment_group=<sys_id of the group>".

Regards,
Siva

Ankur Bawiskar
Tera Patron
Tera Patron

@DeepikaRT 

you will have to ask 3rd party team to add encoded query for group.

But what if they don't give encoded query they will see everything.

You can't control this using Table API.

So I recommend using scripted REST API and you can use GlideRecord in that and restrict and give the API response accordingly.

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

@DeepikaRT 

Hope you are doing good.

Did my reply answer your question?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
Certified Technical Architect  ||  9x ServiceNow MVP  ||  ServiceNow Community Leader

Thanks for your input. I tried applying a data condition in the ACL and tested it in Postman, but it's returning empty results.