Is there a way to provide admin & security_admin role to the users using rest integration.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 01:58 AM
Use Case:
Whenever a user requests access from PROD to DEV for admin or security admin roles, the flow should automatically assign the requested roles to the user.
The setup is already in place and works correctly for other roles.
Issue:
- For the admin role, the flow creates an empty record — the user and group Fields are not populated.
- For the security admin role, the flow throws the following error:
Error: Operation Failed
Details: Error during insert of sys_user_grmember (test user)
(Process Automation.19602fa1890b261025214ad7e9572531; line 😎
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 02:05 AM
did you try running background script in DEV and see?
Your flow should be configured to Run as -> System User
If my response helped please mark it correct and close the thread so that it benefits future readers.
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 02:28 AM
The flow is configured to run as the System User, and the script successfully adds the roles to the user when executed manually. However, the flow itself is not working as expected.
Even though the integration user has the required access, the flow fails specifically when assigning the security_admin role.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 02:05 AM
do you really want to grant sec_admin that easily? 😛 it's the highest role...
The sec_admin can be granted by sec_admin only, the standard admin cannot do that. So perhaps your flow doesn't have enough rights to do it...
To verify this - try the flow for some other role and if it will be successfully added, then the problem is that it must be updated by sec_admin. If another role will also not be added, the issue is somewhere else.....
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-30-2025 02:22 AM
Actually, we have an approval process in place where only the Platform Team has access to approve requests. Based on the approval, we intend to assign the security_admin role to the user.
We are using an integration user to provide access to DEV and TEST environments. While this setup works fine for other roles, it throws an error specifically when assigning the security_admin role. The integration user already has the necessary roles, but the error still occurs.
Is there a way to achieve this successfully?