ACL on table API and Cart API

rambo1
Tera Guru

‎01-19-2025 05:01 AM

HI Team, 

 

I need only set of users (with 'x' custom role) to be able to access TABLE API for all tables except incident and event table for 'post,put,patch' methods.

I know there is a ootb ACL which is inactive , it can be activated a 'x' role can be added to it but it affects all tables. How do I remove incident and event table ? I am stuck in adding condition to not to apply to incident and event table in the below ACL.

or is there any other way ?

Also I need 'Cart api' to be access only by set of user ('y' custom role), how to achieve this ?

Uses of activating OOB 'Table API' ACL. - Support and Troubleshooting - Now Support Portal

0 Helpfuls
  • 671 Views
5 REPLIES 5

Kieran Anson
Kilo Patron
In response to Ankur Bawiskar

‎01-20-2025 07:48 AM

Service Catalog API access controls can be viewed by looking at the scripted REST API record in SN (there isn't any explicit ACL controls). Because it uses CartJS, it uses the user context to determine whether:

  • They can read the item
  • Can submit for others (if requested for variable is used)

 

0 Helpfuls