- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2018 11:31 PM
As part of our plan to make ServiceNow data available for other applications to use. It is necessary to secure the scope for these applications within ServiceNow. It may not be common for API consumers to play around with the provided endpoints. However it does have some security concerns. Therefore I looked into Scripted API to achieve this.
I believe it does provide what we need for scoping. Custom Role and ACLs of type "REST Endpoint" can be defined to provide access to relevant API endpoints. However there is a need of Table API to be disabled. So the question is
1. How it can be disabled?
2. What will be the impact?
3. Is there any OOB application using table API?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2018 10:13 PM
Hi Rohail,
But I think using table level read ACLs you can handle this even though they have basic auth credentials.
What role that user has which they are using for basic auth?
Regards
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-08-2018 11:42 PM
Hi Rohail,
Table API any how they won't be use unless they know the actual table name present in the instance.
Have you shared any basic auth credentials such as username and password with them using which they can access the instance?
Regards
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2018 08:55 PM
Hi Ankur,
Appreciate your quick response and yes, they do have an integration account for basic authentication.
Regards,
Rohail
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-09-2018 10:13 PM
Hi Rohail,
But I think using table level read ACLs you can handle this even though they have basic auth credentials.
What role that user has which they are using for basic auth?
Regards
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-12-2018 02:51 AM
Hi Rohail,
Any update on this?
Can you mark my answer as correct, helpful if you were able to achieve the requirement. This helps in removing this question from unanswered list and helps users to learn from your thread. Thanks in advance.
Regards
Ankur
Ankur
✨ Certified Technical Architect || ✨ 9x ServiceNow MVP || ✨ ServiceNow Community Leader
