Read access to HR profile from global flow

Les1
Tera Guru

‎03-13-2024 03:20 PM

Trying to do what seems like should be a simple record lookup and compare between HR profile and requested for user in a Requested Item (RITM).

Was attempting this using Lookup Records in the item's Flow to compare if the trigger record's "Requested For" user is in the HR Profile table by trying to match for HR Profile.user.   but i apparently am getting stopped by this error in the flow execution details

message": "Scope does not have read access to table sn_hr_core_profile

 looking at hr profile table in Application Access, 

Les1_0-1710368193354.png

accessible from "all application scopes" 

Besides this i did attempt to create a cross scope privilege record targeting application: human resources:core and target = HR Profile from source global but that just gets me an "Invalid Insert" with the following error:

Global not allowed for cross scope privilege source scope

 
advice and guidance appreciated!
0 Helpfuls
  • 1,675 Views
9 REPLIES 9

Les1
Tera Guru
In response to Sandeep Rajput

‎03-14-2024 01:17 PM

When i go to other Restricted caller access privilege records pointing to Target: "HR Profile"  it is setup like this:

Target

Table {sys_db_object}

Document: HR Profile

 

i will try this also and see if that works

0 Helpfuls

Les1
Tera Guru
In response to Sandeep Rajput

‎03-15-2024 05:39 AM

Additionally, when looking at other Restricted Caller Accesss records that  were pointed at HR Profile, i noticed they were setup like this for Target so attempted the same for mine:

Les1_0-1710506110694.png

But this also did not seem to allow the Flow to query the HR Profile table from Global.

 

0 Helpfuls

Sandeep Rajput
Tera Patron
Tera Patron
In response to Les1

‎03-15-2024 08:18 AM

@Les1 Could you please check if Can Read checkbox on your HR Profile Table is set to True.

Screenshot 2024-03-15 at 8.47.20 PM.png

0 Helpfuls

Les1
Tera Guru

‎03-14-2024 07:17 AM

Thank you all for your responses! you guys are awesome! 

I will try these and report back

0 Helpfuls

Sumanth16
Kilo Patron

‎03-14-2024 08:31 PM

Hi @Les1 ,

 

This is the error you will receive when the Application Restricted CallerAccess record is not "Allowed".

You can go to the Restricted Caller Access form and look for records that do not have the status of "Allowed". It is my theory that tthe operation is making a call into the HR:Core scope that you have not allowed.

This Restricted Caller Access is a new feature in Kingston. This is how we have enhanced the HRSD application to give the HR Administrator more visibility into the operations made against the HR:Core scope.

There is a Community webcast on this new functionality that would give detailed information on this new feature. You can find it here: 

https://community.servicenow.com/communityid=community_question&sys_id=cbd8b9badbb9570058dcf4621f961...

 

If I could help you with your Query then, please hit the Thumb Icon and mark it as Correct !!

 

Thanks & Regards,

Sumanth Meda

 

 

0 Helpfuls