A user with soap role has access to all the tables. How to restrict that user to only one table? is it possible with REST?

Go to solution
pkmithun
Kilo Contributor

‎03-14-2017 12:50 AM

A user with soap role has access to all the tables. How to restrict that user to only one table? is it possible with REST? - with ACL user access can be restricted to one table. however, user may have access to other tables.

Labels:
0 Helpfuls
  • 6,027 Views
1 ACCEPTED SOLUTION

Go to solution
Alikutty A
Tera Sage
In response to pkmithun

‎03-15-2017 12:46 AM

Hi Mithun,



Yes it does, When you setup ACL's you don't have to provide the rest_service role and it guarantees that access is only provided to scripted REST API and the user cannot access other web services.



Here is a sample ACL



rest_api.jpg



You should tag the new_rest_role to a group or user and the Rest_Endpoint ACL in your REST API. This ensures that users with new_rest_role only have access to the specific API.



Thanks


Please Hit like, Helpful or Correct depending on the impact of the response


View solution in original post

Preview file
57 KB
11 REPLIES 11

Go to solution
Alikutty A
Tera Sage
In response to pkmithun

‎03-15-2017 12:46 AM

Hi Mithun,



Yes it does, When you setup ACL's you don't have to provide the rest_service role and it guarantees that access is only provided to scripted REST API and the user cannot access other web services.



Here is a sample ACL



rest_api.jpg



You should tag the new_rest_role to a group or user and the Rest_Endpoint ACL in your REST API. This ensures that users with new_rest_role only have access to the specific API.



Thanks


Please Hit like, Helpful or Correct depending on the impact of the response


Preview file
57 KB

Go to solution
Alikutty A
Tera Sage
In response to Alikutty A

‎03-15-2017 12:58 AM

Hi Mithun,



If I have answered your question, please mark my response as correct so that others with the same question in the future can find it quickly and that it gets removed from the Unanswered list.



If you are viewing this from the community inbox you will not see the correct answer button.   If so, please review How to Mark Answers Correct From Inbox View.



https://community.servicenow.com/docs/DOC-5601



Thanks


Please Hit like, Helpful or Correct depending on the impact of the response


0 Helpfuls

Go to solution
pkmithun
Kilo Contributor
In response to Alikutty A

‎03-15-2017 02:17 AM

is this similar to soap_script role in soap web services?


0 Helpfuls

Go to solution
Alikutty A
Tera Sage
In response to pkmithun

‎03-15-2017 02:27 AM

Yes, soap_script role is required to access scripted SOAP web services but then it will give the user access to all scripted web services. Unfortunately Service Now has not added the ACL feature in SOAP.



Thanks


Please Hit like, Helpful or Correct depending on the impact of the response


0 Helpfuls

Go to solution
pkmithun
Kilo Contributor
In response to Alikutty A

‎03-15-2017 04:51 AM

Thanks. Now got it. One more thing what i found is, if there is no ACL added to a scripted rest web service, it can be accessed with any account without any role. .


0 Helpfuls