Hi
I am using sn_ws.RESTMessageV2 to get an image from one of our local REST API via a MID server. This works, but when I try to save the image as an attachment to an Incident using saveResponseBodyAsAttachment that does not work due to this limitation in the docs:
"When you use this function with a REST message that is sent through a MID server, the MID server user must have any roles required to read and write attachment records, as well as any roles required to read and write records on the table specified in the tableName parameter."

I can save the attachment if I give the MID server user the 'admin' role, but I don't want that for obvious reasons, and the 'itil' role (which gives permission to read\write in the 'incident' table) is not enough apparently. So I have been trying to find out exactly which role(s) I need on the MID server user to be able to save the attachment using saveResponseBodyAsAttachment.

How can I find out what roles I need? I think we have a pretty vanilla ACL setup.
Are there any other options, like saving the image to the Attachment table via some other function?