Read access to HR profile from global flow

Les1 · ‎03-13-2024

Trying to do what seems like should be a simple record lookup and compare between HR profile and requested for user in a Requested Item (RITM).

Was attempting this using Lookup Records in the item's Flow to compare if the trigger record's "Requested For" user is in the HR Profile table by trying to match for HR Profile.user. but i apparently am getting stopped by this error in the flow execution details

message": "Scope does not have read access to table sn_hr_core_profile

looking at hr profile table in Application Access,

accessible from "all application scopes"

Besides this i did attempt to create a cross scope privilege record targeting application: human resources:core and target = HR Profile from source global but that just gets me an "Invalid Insert" with the following error:

Global not allowed for cross scope privilege source scope

advice and guidance appreciated!

James Chun · ‎03-13-2024

Hi @Les1,

I think you can do one of the following:

Create the Flow in the HR scope, or
Create a Script Include in HR scope and set it accessible from all scopes. Add your query logic in the Script Include and invoke the function from your Flow.

There could be a better way to solve this but I think the above will do the job.

Cheers

Harish KM · ‎03-13-2024

HI @Les1 Have you verified in sys_restricted_caller_access the status is set to allowed?If the record is not there you have to create one read access for the flow to work.

Refer this

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB0854565

Regards
Harish

Sandeep Rajput · ‎03-13-2024

@Les1 You should created Cross scope privilege record in Human Resource Core scope as follows.

Hope this helps.

Les1 · ‎03-14-2024

Sandeep,

i added the restricted caller record but am still getting the error in the workflow.