Find your people. Pick a challenge. Ship something real. The CreatorCon Hackathon is coming to the Community Pavilion for one epic night. Every skill level, every role welcome. Join us on May 5th and learn more here.

Using REST API Explorer | new role required "web_service_admin" !?

Meloper
Kilo Sage

‎04-10-2024 03:36 AM - edited ‎04-10-2024 03:37 AM

UPDATE: 

I saw there is already a Problem: PRB1744904

 

----

 

Hi,

in the Past, Users were able to use the REST Api Explorer with "rest_api_explorer" role.

 

Since Nov 2023, there is a new ootb ACL.
name: Doc Service API

Which also needs the Role: "web_service_admin".

 

This new role give access to: read, create, modify, and delete Scripted REST APIs and web service resources.
https://www.servicenow.com/community/now-platform-forum/what-does-the-role-web-service-admin-give-to...

 

Of course i dont want that!

But without the new role you can access the API Explorer via the navigation but the drop downs are empty due to missing rights (new role)....

Meloper_0-1712745342295.png

 

Any ideas.
In the best case i dont want do change ootb ACL or add new but in this case...

 

  • 3,296 Views
2 REPLIES 2

Meloper
Kilo Sage

‎04-10-2024 03:37 AM

I saw there is already a Problem: PRB1744904

0 Helpfuls

Brian Scott2
Tera Expert

‎05-01-2024 02:33 PM - edited ‎05-01-2024 02:36 PM

Looks like they added a new ACL (in our case, with a security patch in Vancouver).

Here's the ACL in our Vancouver instance and I verified it is the same ACL in a Washington DC developer instance;

https://[environment].service-now.com/nav_to.do?uri=sys_security_acl.do?sys_id=88c55a714332311076eca0246bb8f283

 

Here's the query to find it if it happens to have a different sys_id in your environment;

https://[environment].service-now.com/sys_security_acl_list.do?sysparm_query=name%3DDoc%20Service%20API%5Eoperation%3Dexecute

 

I just added the rest_api_explorer role along side the web_service_admin role and its working for our users now.