ACL and REST API

Go to solution
SohamJ
Tera Contributor

‎06-06-2025 02:56 AM

I want have created a custom table containing username and company as a reference field to the user table. Now the table data should be only accessible to the user if his name and company matches with the one in the custom table. How do I do that? please provide a solution by using ACL or ACL and Scripted REST API both.

0 Helpfuls
  • 405 Views
2 ACCEPTED SOLUTIONS

Go to solution
Pratiksha
Mega Sage
Mega Sage

‎06-06-2025 03:00 AM - edited ‎06-06-2025 03:00 AM

// Get current user details
var user = gs.getUser();
var userID = user.getID(); // sys_id
var userCompany = user.getCompanyID(); // sys_id

// Check if current record matches current user and their company
answer = (current.user == userID && current.company == userCompany); This you can write on acl 

View solution in original post

Go to solution
anshul_goyal
Kilo Sage

‎06-06-2025 03:07 AM

Hello @SohamJ,

Use this script in the ACL to restrict access:

(function() {
    var currentUser = gs.getUserID(); // sys_id of current user
    var userCompany = gs.getUser().getCompanyID(); // user's company sys_id

    return current.u_user == currentUser && current.u_company == userCompany;
})();

 
Please mark my solution as helpful and accepted for future reference

Thanks

View solution in original post

3 REPLIES 3

Go to solution
Pratiksha
Mega Sage
Mega Sage

‎06-06-2025 03:00 AM - edited ‎06-06-2025 03:00 AM

// Get current user details
var user = gs.getUser();
var userID = user.getID(); // sys_id
var userCompany = user.getCompanyID(); // sys_id

// Check if current record matches current user and their company
answer = (current.user == userID && current.company == userCompany); This you can write on acl 

Go to solution
anshul_goyal
Kilo Sage

‎06-06-2025 03:07 AM

Hello @SohamJ,

Use this script in the ACL to restrict access:

(function() {
    var currentUser = gs.getUserID(); // sys_id of current user
    var userCompany = gs.getUser().getCompanyID(); // user's company sys_id

    return current.u_user == currentUser && current.u_company == userCompany;
})();

 
Please mark my solution as helpful and accepted for future reference

Thanks

Go to solution
Ankur Bawiskar
Tera Patron
Tera Patron

‎06-06-2025 03:19 AM

@SohamJ 

you can use table level READ ACL and it's an easy one

what did you start with and where are you stuck?

If my response helped please mark it correct and close the thread so that it benefits future readers.

Regards,
Ankur
✨ Certified Technical Architect  ||  ✨ 9x ServiceNow MVP  ||  ✨ ServiceNow Community Leader
0 Helpfuls