Unable to access global password system property in scoped application

Go to solution
Jake Sadler
Kilo Sage

‎07-12-2024 03:42 AM

I am unable to access global password system property in scoped application. I am able to access other system property types in the global application.

 

Is there something that needs to be done especially for password properties when it comes to cross scope access?

0 Helpfuls
  • 726 Views
1 ACCEPTED SOLUTION

Go to solution
Peter Bodelier
Giga Sage
In response to Jake Sadler

‎07-12-2024 04:15 AM

Hi @Jake Sadler 

 

I'm afraid setting up normal Cross scope permissions would not be enough.
It would require Restricted Caller Access Privilege to be set, but you cannot do this yourself against global scope, so you will have to request this to be done by ServiceNow Support.

 

I doubt they will honour this request though, since it introduces a security risk as well, given it involves passwords.


Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.

View solution in original post

0 Helpfuls
3 REPLIES 3

Go to solution
Peter Bodelier
Giga Sage

‎07-12-2024 03:47 AM

Hi @Jake Sadler 

 

Can you give a little bit more information on what you are trying to achieve and what you have tried so far?

 

 


Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.
0 Helpfuls

Go to solution
Jake Sadler
Kilo Sage
In response to Peter Bodelier

‎07-12-2024 03:58 AM - edited ‎07-12-2024 03:59 AM

Hi Peter,

 

I am executing a rest message in a script include inside the application scope.

 

I am able to retrieve a string system property which is the user name. It is called like this: 

gs.getProperty('Dev_UserName'); and is retrieved correctly without error.
 
When I call the password system property like this: 
gs.getProperty('Dev_Password').

 
I get this error:
Security restricted: Access to property 'Dev_Password' from scope 'appName' has been refused due to the property's cross-scope access policy.
 
The correct cross scope permissions for GlideAPI: properties are in place for the application but I have had no luck retrieving this password type system property
0 Helpfuls

Go to solution
Peter Bodelier
Giga Sage
In response to Jake Sadler

‎07-12-2024 04:15 AM

Hi @Jake Sadler 

 

I'm afraid setting up normal Cross scope permissions would not be enough.
It would require Restricted Caller Access Privilege to be set, but you cannot do this yourself against global scope, so you will have to request this to be done by ServiceNow Support.

 

I doubt they will honour this request though, since it introduces a security risk as well, given it involves passwords.


Help others to find a correct solution by marking the appropriate response as accepted solution and helpful.
0 Helpfuls