solving an Application Cross-Scope Access problem

brianrichards
Tera Guru

Sometimes working with scoped apps gives me a headache.

My broad problem is that I frequently have to employ guesswork to solve cross scope access issues, and I find the documentation for using cross scope access records very limited. So to start, does anyone have a great approach for determining what should go into such a record? Or are there good sources on the web that discuss this bit of functionality. (Don't even bother posting the ServiceNow documentation link for this. I've already invested the five seconds it takes to learn all it has to offer.)

The specific problem I am having right now is this: I created a scoped app that includes a table extended from CMDB. As a temporary measure (I know, I know) I am using an on insert business rule to generate an Incident record for every scoped app record created. When such a record is created we see the following error message:

'Access to api 'put(incident.sys_id)' from scope 'x_camu_sw_asset' has been refused due to the api's cross-scope access policy'

Functionally each record (x_camu_sw_asset and the BR-generated incident) is created as expected, and the CI field on incident is updated as per the BR the way I expect. To ensure that this all happened I already created a cross scope access rule to permit stuff in my scope to write to incident. That made sense.

But this error is killing me. I assume that I need to create some other cross scope access rule for some scriptable, but I am at a loss to determine what it is that I need. And more importantly I am frustrated because I cannot generalize a troubleshooting process for when I stumble across something like this.

Any ideas?

 

Brian

6 REPLIES 6

Thanks for the update. I'm not exactly sure on why you are getting that error. In case you are able to reproduce this on PDI, please let me know and I will try my best to help you.

 

Thanks,

Pradeep Sharma

Did you manage to get a fix for this?

 

I'm doing something similar and getting the same error message and have no idea where to turn now... (which further cements my hatred of scoped apps).

 

I have created an application with a script include.

The code that is giving me problem is this:

 

var inc = new GlideRecord("incident");

inc.initialize();

inc.number = "123"; //This line brings the error

 

I don't even have to do anything with the GlideRecord, the mere setting that value in the object gives me the error:

 

Access to api 'put(incident.number)' from scope 'idesigner' has been refused due to the api's cross-scope access policy