What role do I need to access sys_user table?

rafasalo
Giga Contributor

I'm using the REST API to get all information from the Sys_user table. To access all information from sys_user table, I only can get it if I have the role ADMIN on my service account user. I want to access it with fewer privileges and less intrusive, if possible, a read-only role/permission. What is the role/permission I need to attach to my user instead? 

6 REPLIES 6

Meloper
Kilo Sage

Out of the Box there is no ROle to access sys_user Table.
By default you must be able to read this table if you want and need to fill in references like Caller or Assigend to.

If this is restricted for you, you have to look in the ACL table and check for sys_user.

rafasalo
Giga Contributor

@Meloper It's not restricted but I receive this return bellow. Basically, I can see all of my information but a few incomplete information from other users. Only if I grant ADMIN role to my user I can get all information of all users 

 

 

 

 

{
"result": [
{
"sys_id": "02826b[Anonimized]bcbe5d91",
"sys_domain": {
"link": "https://dev116286.service-now.com/api/now/table/sys_user_group/global",
"value": "global"
},
"name": "Joao Paul",
"sys_class_name": "sys_user"
},
{
"calendar_integration": "1",
"country": "",
"last_login_time": "",
"hashed_user_id": "b0caebssssssssss43490c2a2268e073567fbbeb9c66c55",
"source": "",
"sys_updated_on": "2022-12-08 03:50:31",
"building": "",
"web_service_access_only": "true",
"notification": "2",
"enable_multifactor_authn": "false",
"sys_updated_by": "guest",
"sys_created_on": "2022-12-08 03:19:50",
"sys_domain": {
"link": "https://dev116286.service-now.com/api/now/table/sys_user_group/global",
"value": "global"
},
"state": "",
"vip": "false",
"sys_created_by": "admin",
"zip": "",
"home_phone": "",
"time_format": "",
"last_login": "",
"active": "true",
"sys_domain_path": "/",
"cost_center": "",
"phone": "",
"name": "",
"employee_number": "",
"gender": "",
"city": "",
"failed_attempts": "0",
"user_name": "app_me",
"title": "",
"sys_class_name": "sys_user",
"sys_id": "20d7b049101019101bd8c26d430e",
"internal_integration_user": "true",
"mobile_phone": "",
"street": "",
"department": "",
"first_name": "",
"email": "rafa@tock.com",
"introduction": "",
"preferred_language": "",
"manager": "",
"sys_mod_count": "11",
"last_name": "",
"photo": "",
"avatar": "",
"middle_name": "",
"sys_tags": "",
"time_zone": "",
"schedule": "",
"date_format": "",
"location": ""
}
]
}

 

 

 

 

 "but a few incomplete information from other users. "

 

can you be more specifc with that?

What values are missing? maybe some values from other ref fields (so other tables with maybe read acls?

Musab Rasheed
Tera Sage
Tera Sage

Hello,

User_admin role should be sufficient along with REST API related roles.

Please hit like and mark my response as correct if that helps
Regards,
Musab