how to create ACL/Role so that integration user can access only RITM specific to a particular item

kapil_shinde
Tera Expert

‎03-12-2024 05:03 AM

Hi All,

 

we have a requirement that third party want to access RITM/SCTask through REST API. We want to restrict them only to specific catalog item. how can we achieve this through ACL/Roles ? we have create an integration user, need help on ACL. 

0 Helpfuls
  • 745 Views
4 REPLIES 4

Harish KM
Kilo Patron
Kilo Patron

‎03-12-2024 05:09 AM

Hi @kapil_shinde why don't you use Scripted Rest API, so that you can restrict the fields the other System want to access . If you use tableAPI then they can access all fields. If you go for ACL then you need to update or create field level ACL for the integration user

Regards
Harish
0 Helpfuls

kapil_shinde
Tera Expert

‎03-12-2024 09:42 AM

Thanks Harish,

 

We don't want to restrict any field but want to limit access only to specific catalog item.

 

0 Helpfuls

Harish KM
Kilo Patron
Kilo Patron
In response to kapil_shinde

‎03-13-2024 06:44 PM

Hi @kapil_shinde in that case you can create ACLs on ritm table and condition will be like

ITEM is "your catalog name:

and on sc_task

requestItem.itemname is "your catalog name" (you can dot walk to req item table)

Regards
Harish

Sandeep Rajput
Tera Patron
Tera Patron

‎03-13-2024 08:02 PM

@kapil_shinde You can create a read ACL as follows on your RITM table. Here key is to use Condition builder to filter only those catalog items which you would like your integration user to have access to.

 

Add the role of your integration user in the role list.

 

Screenshot 2024-03-14 at 8.30.00 AM.png