Error - "ACL Exception Insert Failed due to security constraints"

shubham23 · ‎06-19-2020

Hi,

I am trying to upload an attachment in the incident table using API. But I am getting below error:

status: failure
The remote server returned an error: (403) Forbidden.
message: Operation Failed
detail: ACL Exception Insert Failed due to security constraints

I am using non-admin user and don't know which ACL rules operation should be applied to which table. So, that user can upload the attachments

Could anyone please help me ?.

Thanks!

shubham23 · ‎04-28-2021

Working:
Added below ACL and now able to upload the attachment:

sys_attachment_doc (create)
sys_attachment (create)
ecc_queue (create)

For Downloading attachment provided below ACL:

sys_attachment_doc (read)
sys_attachment (read)
ecc_queue (read)

View solution in original post

Nikhil Bahurup1 · ‎06-19-2020

Hi Shubham,

impersonate this user and see if you can add attachment manually.

shubham23 · ‎06-20-2020

Hi @Nikhil Bahurupi,

I can attach the document manually but not with API.

AMIT SHISHODIA2 · ‎06-21-2020

Hi Shubham,provide security_admin and admin role to user,then this issue will be solved.

Please mark correct and helpful if it solves your issue.

In case of any issue,please reply

MGanon · ‎06-23-2020

Granting the security_admin and admin roles will bypass all security for that user and should be avoided for non-admin users.

MGanon · ‎06-23-2020

These links should help you debug:

https://docs.servicenow.com/bundle/madrid-platform-administration/page/administer/contextual-security/concept/c_AccessControlRulesDebug.html

https://hi.service-now.com/kb_view.do?sysparm_article=KB0523743

Have you customized any of the Out-of-Box (OOB) ACL rules or created your own?

Does the syslog provide any more detail for the specific ACL that fails?

Have you looked at the "Attachment API" with the "REST Endpoint" type? It is not active on my instance but it might be on yours.