I discovered that when the Table API ACL (OOTB) is disabled, any local user can make API calls depending on their roles.
I enabled the ACL and now the local user also needs the "snc_platform_rest_api_access" role, plus the table roles, to access the Table API — which is perfect.
The problem is that the customer does not want this local user to be able to call the API from outside the corporate network.
In other words, they do not want API access from a personal computer or external network.
Because of this, using the Table API may not be the best option, and we are considering creating a Scripted REST API instead.
Customer users authenticate via Azure AD SSO.
I need to restrict API access only to these users, or, if that is not possible, restrict access only to the customer VPN IP ranges.
Is this possible in ServiceNow?
Has anyone implemented something similar?
Thanks in advance,
Marisa Inácio
